threat-mitigation-mapping

Map identified threats to appropriate security controls and mitigations for effective defense-in-depth planning.

wshobson/agents|Updated Apr 8, 2026

Works with

Claude CodeCursorClineWindsurfCodexGoose

What it does

Provides control categorization by type (preventive, detective, corrective) and layer (network, application, data, endpoint, process), with templates for building threat-to-control mappings and calculating coverage gaps
Includes a standard control library with 15+ pre-built controls covering authentication, encryption, logging, access control, and availability, each mapped to

Repository

wshobson/agents

Last updated

Apr 8, 2026

Installation Guide

Select your AI agent

How to use threat-mitigation-mapping on Cursor

AI-first code editor with Composer

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

›Cursor installed and configured on your machine
›Node.js 16+ with npm — verify with node --version
›Active project directory where you want to add threat-mitigation-mapping

Run the install command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/wshobson/agents --skill threat-mitigation-mapping

Fetches threat-mitigation-mapping from wshobson/agents and configures it for Cursor.

Select Cursor when prompted

The CLI shows a list of agents. Use arrow keys and space to select Cursor:

◆ Which agents do you want to install to?

│

│ ── Universal (.agents/skills) ────────────────

│ · Cline · Codex · Goose · Windsurf

│ ●Cursor(selected)

│ · Cursor · Aider · Continue

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/threat-mitigation-mapping

Restart Cursor to activate threat-mitigation-mapping. Access via /threat-mitigation-mapping in your agent's command palette.

⚠

Security Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.

›View source on GitHub ›Skills CLI docs ›About Cursor ›What are agent skills?

Documentation

List & Monetize Your Skill

Submit your Claude Code skill and start earning

Get started →

Use Cases

User Story & Requirements Generation

Create detailed user stories, acceptance criteria, and feature specs

Example

Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios

✓

Reduce spec writing time by 50%, ensure comprehensive coverage

Competitive Analysis

Research competitors, compare features, identify gaps

Example

Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities

✓

Complete competitive research in 2 hours instead of 2 days

Roadmap Prioritization

Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs

Example

Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale

Core Concepts

1. Control Categories

Preventive ────► Stop attacks before they occur │ (Firewall, Input validation) │ Detective ─────► Identify attacks in progress │ (IDS, Log monitoring) │ Corrective ────► Respond and recover from attacks (Incident response, Backup restore)

2. Control Layers

Layer

Examples

Network

Firewall, WAF, DDoS protection

Application

Input validation, authentication

Data

Encryption, access controls

Endpoint

EDR, patch management

Process

Security training, incident response

3. Defense in Depth

┌──────────────────────┐ │ Perimeter │ ← Firewall, WAF │ ┌──────────────┐ │ │ │ Network │ │ ← Segmentation, IDS │ │ ┌────────┐ │ │ │ │ │ Host │ │ │ ← EDR, Hardening │ │ │ ┌────┐ │ │ │ │ │ │ │App │ │ │ │ ← Auth, Validation │ │ │ │Data│ │ │ │ ← Encryption │ │ │ └────┘ │ │ │ │ │ └────────┘ │ │ │ └──────────────┘ │ └──────────────────────┘

Templates

Template 1: Mitigation Model

from dataclasses import dataclass, field from enum import Enum from typing import List, Dict, Optional, Set from datetime import datetime class ControlType(Enum): PREVENTIVE = "preventive" DETECTIVE = "detective" CORRECTIVE = "corrective" class ControlLayer(Enum): NETWORK = "network" APPLICATION = "application" DATA = "data" ENDPOINT = "endpoint" PROCESS = "process" PHYSICAL = "physical" class ImplementationStatus(Enum): NOT_IMPLEMENTED = "not_implemented" PARTIAL = "partial" IMPLEMENTED = "implemented" VERIFIED = "verified" class Effectiveness(Enum): NONE = 0 LOW = 1 MEDIUM = 2 HIGH = 3 VERY_HIGH = 4 @dataclass class SecurityControl: id: str name: str description: str control_type: ControlType layer: ControlLayer effectiveness: Effectiveness implementation_cost: str # Low, Medium, High maintenance_cost: str status: ImplementationStatus = ImplementationStatus.NOT_IMPLEMENTED mitigates_threats: List[str] = field(default_factory=list) dependencies: List[str] = field(default_factory=list) technologies: List[str] = field(default_factory=list) compliance_refs: List[str] = field(default_factory=list) def coverage_score(self) -> float: """Calculate coverage score based on status and effectiveness.""" status_multiplier = { ImplementationStatus.NOT_IMPLEMENTED: 0.0, ImplementationStatus.PARTIAL: 0.5, ImplementationStatus.IMPLEMENTED: 0.8, ImplementationStatus.VERIFIED: 1.0, } return self.effectiveness.value * status_multiplier[self.status] @dataclass class Threat: id: str name: str category: str # STRIDE category description: str impact: str # Critical, High, Medium, Low likelihood: str risk_score: float @dataclass class MitigationMapping: threat: Threat controls: List[SecurityControl] residual_risk: str = "Unknown" notes: str = "" def calculate_coverage(self) -> float: """Calculate how well controls cover the threat.""" if not self.controls: return 0.0 total_score = sum(c.coverage_score() for c in self.controls) max_possible = len(self.controls) * Effectiveness.VERY_HIGH.value return (total_score / max_possible) * 100 if max_possible > 0 else 0 def has_defense_in_depth(self) -> bool: """Check if multiple layers are covered.""" layers = set(c.layer for c in self.controls if c.status != ImplementationStatus.NOT_IMPLEMENTED) return len(layers) >= 2 def has_control_diversity(self) -> bool: """Check if multiple control types are present.""" types = set(c.control_type for c in self.controls if c.status != ImplementationStatus.NOT_IMPLEMENTED) return len(types) >= 2 @dataclass class MitigationPlan: name: str threats: List[Threat] = field(default_factory=list) controls: List[SecurityControl] = field(default_factory=list) mappings: List[MitigationMapping] = field(default_factory=list) def get_unmapped_threats(self) -> List[Threat]: """Find threats without mitigations.""" mapped_ids = {m.threat.id for m in self.mappings} return [t for t in self.threats if t.id not in mapped_ids] def get_control_coverage(self) -> Dict[str, float]: """Get coverage percentage for each threat.""" return { m.threat✓ Make data-driven prioritization decisions faster Stakeholder Communication Draft PRDs, status updates, and stakeholder presentations Example Create executive summary of Q3 roadmap, monthly progress report, feature launch announcement ✓Save 3-5 hours/week on communication overhead Implementation Guide Prerequisites ›Claude Desktop or compatible AI client ›Access to product documentation and roadmap tools (Jira, Notion, etc.) ›Understanding of product management frameworks (RICE, Jobs-to-be-Done, etc.) ›Stakeholder contact information and communication channels Time Estimate 30-60 minutes to see productivity improvements Steps 1Install product management skill 2Start with user story generation for known feature 3Progress to competitive analysis: research 2-3 competitors 4Use for roadmap prioritization: apply RICE/ICE scoring 5Draft stakeholder communications and refine based on feedback 6Build template library for recurring PM tasks 7Share effective prompts with product team Common Pitfalls ⚠Not validating competitive research—verify facts before sharing ⚠Accepting user stories without involving engineering team ⚠Over-relying on frameworks without qualitative judgment ⚠Not customizing outputs to company culture and communication style ⚠Skipping stakeholder validation of generated requirements Best Practices ✓ Do +Validate research and competitive analysis with real data +Collaborate with engineering when generating technical requirements +Customize frameworks and templates to your company context +Use skill for first drafts, refine with stakeholder input +Document successful prompt patterns for PM tasks +Combine AI efficiency with human judgment and intuition ✗ Don't −Don't publish competitive analysis without fact-checking −Don't finalize user stories without engineering review −Don't make prioritization decisions solely on AI scoring −Don't skip customer validation of generated requirements −Don't ignore company-specific context and culture 💡 Pro Tips ★Provide context: company goals, constraints, customer feedback ★Ask for alternatives: 'Show 3 ways to prioritize this roadmap' ★Request stakeholder-specific formatting: 'Executive summary vs. engineering spec' ★Use skill for 70% generation + 30% customization to company needs When to Use This ✓ Use when Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work. ✗ Avoid when Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed. Learning Path 1Basic: user stories, feature specs, status updates 2Intermediate: competitive analysis, prioritization frameworks, PRDs 3Advanced: product strategy, go-to-market planning, OKR setting 4Expert: product vision, market positioning, business model innovation Related Skills grill-me 391 mattpocock/skills Productivitysame categorypremortem 197 parcadei/continuous-claude-v3 Productivitysame categorydeslop 119 cursor/plugins Productivitysame categoryframer-motion 99 pproenca/dot-skills Productivitysame categorywrite-a-prd 94 mattpocock/skills Productivitysame categorytravel-planner 92 ailabs-393/ai-labs-claude-skills Productivitysame category Reviews 4.5★★★★★61 reviews J Jin Khanna★★★★★Dec 28, 2024 threat-mitigation-mapping has been reliable in day-to-day use. Documentation quality is above average for community skills. N Nia Sanchez★★★★★Dec 28, 2024 Useful defaults in threat-mitigation-mapping — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows. K Kiara Kapoor★★★★★Dec 24, 2024 threat-mitigation-mapping fits our agent workflows well — practical, well scoped, and easy to wire into existing repos. S Sophia Thomas★★★★★Dec 12, 2024 We added threat-mitigation-mapping from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront. Z Zaid Kapoor★★★★★Dec 4, 2024 Solid pick for teams standardizing on skills: threat-mitigation-mapping is focused, and the summary matches what you get after install. L Lucas Jain★★★★★Dec 4, 2024 threat-mitigation-mapping reduced setup friction for our internal harness; good balance of opinion and flexibility. Y Yash Thakker★★★★★Nov 27, 2024 threat-mitigation-mapping fits our agent workflows well — practical, well scoped, and easy to wire into existing repos. O Omar Srinivasan★★★★★Nov 23, 2024 I recommend threat-mitigation-mapping for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area. O Omar Singh★★★★★Nov 23, 2024 Registry listing for threat-mitigation-mapping matched our evaluation — installs cleanly and behaves as described in the markdown. O Omar Sharma★★★★★Nov 19, 2024 We added threat-mitigation-mapping from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront. showing 1-10 of 61 1 / 7 Discussion Comments — not star reviews No comments yet — start the thread.

threat-mitigation-mapping

What it does

Category

Repository

Last updated

Installation Guide

How to use threat-mitigation-mapping on Cursor

Prerequisites

Run the install command

Select Cursor when prompted

Verify installation

Security Notice

Documentation

List & Monetize Your Skill

Use Cases

User Story & Requirements Generation

Competitive Analysis

Roadmap Prioritization

Install Skill

Threat Mitigation Mapping

When to Use This Skill

Core Concepts

1. Control Categories

2. Control Layers

3. Defense in Depth

Templates

Template 1: Mitigation Model

Stakeholder Communication

Implementation Guide

Best Practices

When to Use This

Learning Path

Related Skills

grill-me

premortem

deslop

framer-motion

write-a-prd

travel-planner

Reviews

Discussion