Produce a threat model — assets, ranked threats, mitigations, accepted risks. Use when asked to "threat model this", "what could go wrong security-wise", "map our attack surface", or before designing any security-sensitive feature.
Add the marketplace (inside Claude Code):
/plugin marketplace add tonone-ai/tononeInstall the plugin:
/plugin install warden-threatPublic Builder skills for docs-first discipline, autonomous execution, cross-agent review, efficient agent workflows, clear status recaps, and Agent-Native Plan modes.
Design operations skills: handoff specs, design critique facilitation, design sprint planning, asset management, and design debt audits.
WooYun business logic vulnerability methodology — a security testing knowledge plugin distilled from 22,132 public cases, adding evidence-based references, quantitative statistics, and data-driven prioritization.