threat-modellisted

Produce a STRIDE-lite threat model for the SaaS app: enumerate assets, trust boundaries, and entry points, then name the top threat and mitigation for each STRIDE category, focused on multi-tenant SaaS.
evgenii-studitskikh/Claude-Code-SaaS-Studio · ★ 1 · AI & Automation · score 80

Install: claude install-skill evgenii-studitskikh/Claude-Code-SaaS-Studio

Systematically surface what could go wrong before a line of security code is written. Working from the PRD and architecture doc, the skill enumerates valuable assets (user data, tenant data, billing records, secrets) and every surface where an attacker could interact with the system (public routes, the auth boundary, Stripe webhook endpoints, admin surfaces), then applies a STRIDE-lite analysis to name the most important threat and a concrete mitigation for each category in the context of a multi-tenant Next.js + Supabase + Stripe SaaS. The result is a structured threat model doc that the `/security-audit` skill can use to verify whether the mitigations are actually implemented. Non-autonomous: drafts are presented before writing; the user approves before the file is saved. ## Phases 1. **Load context** — read `docs/specs/prd.md` and `docs/specs/architecture.md`. If either file is missing, stop: direct the user to `/write-prd` or `/design-architecture` as appropriate before proceeding. 2. **Enumerate assets & entry points** — identify and list: (a) data assets (per-tenant user records, tenant configuration, billing/subscription data, session tokens, service secrets); (b) entry points and trust boundaries (unauthenticated public routes, the authentication boundary and session layer, API route handlers and server actions, Stripe webhook endpoints, admin/internal surfaces, third-party OAuth callbacks). Present the list to the user for any additions or corrections before continu