aa71e76eb9
- Add date_added to all 950+ skills for complete tracking - Update version to 6.5.0 in package.json and README - Regenerate all indexes and catalog - Sync all generated files Features from merged PR #150: - Stars/Upvotes system for community-driven discovery - Auto-update mechanism via START_APP.bat - Interactive Prompt Builder - Date tracking badges - Smart auto-categorization All skills validated and indexed. Made-with: Cursor
42 lines
1.3 KiB
Markdown
42 lines
1.3 KiB
Markdown
---
|
|
name: attack-tree-construction
|
|
description: "Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders."
|
|
risk: unknown
|
|
source: community
|
|
date_added: "2026-02-27"
|
|
---
|
|
|
|
# Attack Tree Construction
|
|
|
|
Systematic attack path visualization and analysis.
|
|
|
|
## Use this skill when
|
|
|
|
- Visualizing complex attack scenarios
|
|
- Identifying defense gaps and priorities
|
|
- Communicating risks to stakeholders
|
|
- Planning defensive investments or test scopes
|
|
|
|
## Do not use this skill when
|
|
|
|
- You lack authorization or a defined scope to model the system
|
|
- The task is a general risk review without attack-path modeling
|
|
- The request is unrelated to security assessment or design
|
|
|
|
## Instructions
|
|
|
|
- Confirm scope, assets, and the attacker goal for the root node.
|
|
- Decompose into sub-goals with AND/OR structure.
|
|
- Annotate leaves with cost, skill, time, and detectability.
|
|
- Map mitigations per branch and prioritize high-impact paths.
|
|
- If detailed templates are required, open `resources/implementation-playbook.md`.
|
|
|
|
## Safety
|
|
|
|
- Share attack trees only with authorized stakeholders.
|
|
- Avoid including sensitive exploit details unless required.
|
|
|
|
## Resources
|
|
|
|
- `resources/implementation-playbook.md` for detailed patterns, templates, and examples.
|