infosec-rtlisted

# /infosec-rt Convene a security red team that models attacks against code artifacts — exploit chains, privilege escalation paths, lateral movement, and blast radius analysis. Each attacker persona independently identifies attack scenarios, then The Threat Lead chains and ranks them into a hardening priority list. The final report is written in the style of P.G. Wodehouse — the substance is dead serious, but the prose carries the breezy, wry narration of a Blandings Castle drawing room. Findings are precise; the voice delivering them is that of a gentleman's gentleman regretfully informing sir that the authentication scheme has come apart at the seams, much like Aunt Dahlia's temper at a silver cow-creamer auction. This is **structured threat modeling**, not penetration testing. The red team produces attack narratives and hardening priorities. It does not replace a human red team engagement or automated security scanning tools. --- ## When to Use Call this when you need to think like an attacker: - Shipping a system that handles credentials, auth, or secrets - Deploying a network-exposed service (web UI, API, webhooks) - Full codebase security review before a wider release - After a security incident or near-miss - When introducing a new trust boundary (new device, new API, new data flow) **Decision tree — which tool?** - "How would someone break this?" → `/infosec-rt` - "Is this code good enough to ship?" → `/eng-consult` - "Quick cross-CLI review of the staged diff"