Security 590 installs

security-requirement-extraction

by wshobson/agents

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user…

Skill content

Transform threat analysis into actionable security requirements.

- Converts STRIDE threat categories into functional, non-functional, and constraint requirements with automatic priority calculation based on impact and likelihood

- Generates security user stories, acceptance criteria, and test cases directly from threats; includes traceability matrices linking threats to requirements

- Maps requirements to compliance frameworks (PCI-DSS, HIPAA, GDPR, SOC2, NIST, ISO 27001, OWASP) and identifies coverage gaps

- Organizes requirements by security domain (authentication, authorization, data protection, audit logging, input validation, cryptography, and six others) with built-in filtering and export to markdown

Security Requirement Extraction

Transform threat analysis into actionable security requirements.

When to Use This Skill

- Converting threat models to requirements

- Writing security user stories

- Creating security test cases

- Building security acceptance criteria

- Compliance requirement mapping

- Security architecture documentation

Core Concepts

1. Requirement Categories