attack-tree-construction

> AUTHORIZED USE ONLY: Use this skill only for authorized security assessments, defensive validation, or controlled educational environments. # Attack Tree Construction Systematic attack path visualization and analysis. ## Use this skill when - Visualizing complex attack scenarios - Identifying defense gaps and priorities - Communicating risks to stakeholders - Planning defensive investments or test scopes ## Do not use this skill when - You lack authorization or a defined scope to model the system - The task is a general risk review without attack-path modeling - The request is unrelated to security assessment or design ## Instructions - Confirm scope, assets, and the attacker goal for the root node. - Decompose into sub-goals with AND/OR structure. - Annotate leaves with cost, skill, time, and detectability. - Map mitigations per branch and prioritize high-impact paths. - If detailed templates are required, open `resources/implementation-playbook.md`. ## Safety - Share attack trees only with authorized stakeholders. - Avoid including sensitive exploit details unless required. ## Resources - `resources/implementation-playbook.md` for detailed patterns, templates, and examples.