A solid baseline for STRIDE analysis and attack tree construction when you're reviewing architecture or designing new systems. Walks through the full cycle from scoping and data flow diagrams to threat prioritization and mitigation design. The real value is having a structured process baked in rather than ad-hoc security reviews. Best when you involve developers in the sessions and keep models updated as your architecture evolves. Won't replace compliance audits or pen testing, but it's a good forcing function to think through attack vectors before you ship.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill threat-modeling-expert