This brings STRIDE threat modeling and DREAD risk scoring directly into your Claude workflow, along with secret detection across 20+ credential patterns and OWASP Top 10 code reviews. You'd reach for this when architecting a new system and need to map trust boundaries, when reviewing PRs for hardcoded API keys, or when a security audit is coming and you need defense-in-depth documentation fast. It includes structured workflows for each security discipline with validation checkpoints, plus reference tables for the STRIDE-per-element matrix and severity scoring. The approach is methodical rather than automated scanning, so expect to work through checklists and frameworks rather than getting instant vulnerability reports.
npx skills add https://github.com/borghei/claude-skills --skill senior-security