Security Architect
Designs secure cloud architectures and identifies vulnerabilities based on industry best practices and threat modeling.
Install on your platform
Run in terminal (recommended)
claude mcp add oimiragieo-security-architect npx -- -y @trustedskills/oimiragieo-security-architect
Or manually add to ~/.claude/settings.json
{
  "mcpServers": {
    "oimiragieo-security-architect": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/oimiragieo-security-architect"
      ]
    }
  }
}
Requires Claude Code (claude CLI). Run claude --version to verify your install.
About This Skill
What it does
The Security Architect skill assists in designing secure cloud architectures by applying industry best practices and threat modeling. It identifies potential vulnerabilities with STRIDE analysis, extended for AI/agentic systems with categories such as Goal Hijacking and Memory Poisoning, and assesses the architecture against the OWASP Top 10 2025 list for a current view of web application risks.
When to use it
This skill is valuable in these scenarios:
- Designing new cloud-based applications or services.
- Reviewing existing architectures for potential security weaknesses.
- Performing threat modeling exercises to anticipate and mitigate risks.
- Ensuring compliance with modern security standards, particularly the OWASP Top 10 2025.
- Analyzing AI agent deployments to identify vulnerabilities related to adversarial prompts or tool misuse.
Key capabilities
- STRIDE Threat Modeling: Identifies threats based on Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
- AI/Agentic System Extensions to STRIDE: Considers Goal Hijacking, Memory Poisoning, and Tool Misuse as specific threat vectors.
- OWASP Top 10 2025 Analysis: Evaluates architectures against the latest OWASP vulnerabilities, including newly added categories and ranking shifts.
- Detailed Vulnerability Checks: Provides guidance on checking for specific vulnerabilities like Broken Access Control (including SSRF), Security Misconfiguration, and Software Supply Chain Failures.
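The STRIDE threat modeling and the AI/agentic extensions listed above (Goal Hijacking, Memory Poisoning, Tool Misuse) can be made concrete as a small enumerator over an architecture description. The following is an added example written for this page, not the skill's own code: the element/flow model, the rule that classic flow threats are raised only where a flow crosses a trust boundary, and the taint-propagation rule used for the agentic categories are assumptions of the example, and the support-agent architecture at the bottom is constructed.

```python
"""STRIDE-per-element threat enumeration with agentic extensions (added example).

Illustration written for this page, not the Security Architect skill's code.
Element kinds, the trust-boundary rule and the taint rule are assumptions of
the example; the sample architecture at the bottom is constructed.
"""
from collections import deque
from dataclasses import dataclass

# STRIDE-per-element applicability: which categories each kind of element can suffer.
STRIDE_BY_KIND = {
    "external": "SR",     # external entity: can be impersonated, can deny having acted
    "process":  "STRIDE",
    "store":    "TRID",   # data store: tampered, audit records denied, disclosed, exhausted
}
FLOW_STRIDE = "TID"       # a data flow can be tampered, disclosed, or flooded
STRIDE_NAMES = {
    "S": "Spoofing", "T": "Tampering", "R": "Repudiation",
    "I": "Information Disclosure", "D": "Denial of Service",
    "E": "Elevation of Privilege",
}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str             # "external" | "process" | "store"
    zone: str             # trust zone; a flow between different zones crosses a boundary
    agent: bool = False   # LLM-driven process that plans and acts on its input
    memory_for: str = ""  # store whose contents are read back into an agent's context later
    tools: tuple = ()     # side-effecting tools the agent may invoke

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    data: str
    trusted: bool = True  # False: attacker-influenced content (web pages, tickets, email)

def tainted_elements(elements, flows):
    """Elements reachable through the flow graph from any untrusted flow (assumed taint rule)."""
    adj = {e.name: [] for e in elements}
    for f in flows:
        adj[f.src].append(f.dst)
    tainted, queue = set(), deque(f.dst for f in flows if not f.trusted)
    while queue:
        n = queue.popleft()
        if n in tainted:
            continue
        tainted.add(n)
        queue.extend(adj[n])
    return tainted

def enumerate_threats(elements, flows):
    """Return a sorted list of (target, category, rationale) triples."""
    by_name = {e.name: e for e in elements}
    out = set()
    for e in elements:                       # classic STRIDE, per element
        for c in STRIDE_BY_KIND[e.kind]:
            out.add((e.name, STRIDE_NAMES[c], f"STRIDE-per-element for a {e.kind}"))
    for f in flows:                          # classic STRIDE on boundary-crossing flows only
        s, d = by_name[f.src], by_name[f.dst]
        if s.zone != d.zone:
            for c in FLOW_STRIDE:
                out.add((f"{f.src}->{f.dst}", STRIDE_NAMES[c],
                         f"flow crosses the {s.zone}->{d.zone} boundary"))
    taint = tainted_elements(elements, flows)
    for e in elements:                       # agentic extensions, driven by taint reachability
        if e.name not in taint:
            continue
        if e.agent:
            out.add((e.name, "Goal Hijacking",
                     "attacker-influenced content reaches the planner (indirect prompt injection)"))
            if e.tools:
                out.add((e.name, "Tool Misuse", f"a hijacked plan can invoke {', '.join(e.tools)}"))
        if e.kind == "store" and e.memory_for:
            out.add((e.name, "Memory Poisoning",
                     f"attacker-influenced content persists into {e.memory_for}'s memory"))
    return sorted(out)

# Constructed sample: a support agent that reads customer tickets, keeps a
# vector-store memory, and can issue refunds. Not a real deployment.
SAMPLE_ELEMENTS = [
    Element("customer", "external", "internet"),
    Element("ticket_api", "process", "dmz"),
    Element("support_agent", "process", "app", agent=True, tools=("issue_refund", "send_email")),
    Element("memory_db", "store", "app", memory_for="support_agent"),
    Element("billing", "process", "core"),
]
SAMPLE_FLOWS = [
    Flow("customer", "ticket_api", "ticket text", trusted=False),
    Flow("ticket_api", "support_agent", "ticket text"),
    Flow("support_agent", "memory_db", "conversation summary"),
    Flow("memory_db", "support_agent", "recalled context"),
    Flow("support_agent", "billing", "refund request"),
]

def categories_for(target, elements=SAMPLE_ELEMENTS, flows=SAMPLE_FLOWS):
    """Sorted categories enumerated against one target (element name or 'src->dst')."""
    return sorted({c for t, c, _ in enumerate_threats(elements, flows) if t == target})

if __name__ == "__main__":
    for target, cat, why in enumerate_threats(SAMPLE_ELEMENTS, SAMPLE_FLOWS):
        print(f"{target:28} {cat:24} {why}")
```

In the constructed sample the only untrusted input is the ticket text, yet taint reaches the agent, its memory store and the billing service, so the enumerator raises Goal Hijacking and Tool Misuse on the agent and Memory Poisoning on the store while leaving the same-zone agent-to-memory flows without classic flow threats. Marking the ticket flow as trusted (for example after a validation step) removes all three agentic findings, which is the kind of mitigation check a review with this skill would want to see written down.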
Example prompts
- "Perform a STRIDE threat model analysis for this proposed cloud architecture."
- "Assess this application against the OWASP Top 10 2025 list, focusing on potential injection vulnerabilities."
- "Analyze this AI agent deployment for risks related to Memory Poisoning and Goal Hijacking."
Tips & gotchas
- OWASP Version: Make sure the assessment uses the OWASP Top 10 2025 list; the 2021 list differs in category membership and ranking (for example, the 2025 list folds SSRF into Broken Access Control and adds Software Supply Chain Failures), so findings mapped to 2021 categories will not line up with a 2025 review.
- Context is Key: The skill's effectiveness depends on providing detailed architectural descriptions and context for analysis.
- Agentic System Focus: The STRIDE extensions are particularly relevant when evaluating AI agent deployments and their potential misuse.
TrustedSkills Verification
Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates: what you install today is exactly what was reviewed and verified. Note that the install command above runs npx -y with an unversioned package name, which resolves to whatever version is currently published to npm and skips the npx confirmation prompt; to make what you run match what was reviewed, pin an explicit version in the command or in settings.json (for example @trustedskills/oimiragieo-security-architect@<version>) and check it against the reviewed release before trusting the server with your sessions.
Security Audits
| Scanner | Result |
| --- | --- |
| Gen Agent Trust Hub | Pass |
| Socket | Pass |
| Snyk | Pass |
🌐 Community
Passed automated security scans.