Maps out attack scenarios by building hierarchical threat trees with AND/OR logic gates, cost estimates, and difficulty ratings. You'd use this during threat modeling sessions, security reviews, or when explaining attack paths to management. Creates structured data models with attributes like detection risk and time requirements, then finds optimal attack paths based on cost, stealth, or difficulty. The real value is turning abstract security discussions into concrete visualizations that show exactly how attackers might chain techniques together. Beats drawing boxes on whiteboards and helps prioritize defensive investments based on actual threat paths.
npx skills add https://github.com/wshobson/agents --skill attack-tree-construction