Feat threat model copilot plugin support

README.md

@@ -73,9 +73,12 @@ It standardizes intake, then hands off to specialist agents (Analyst/Architect/E
 | [dependency-cve-triage](skills/dependency-cve-triage/SKILL.md) | CVE reachability + remediation plan workflow. |
 | [secrets-and-logging-hygiene](skills/secrets-and-logging-hygiene/SKILL.md) | Prevent secret leaks and add redaction defaults. |
 | [genai-acceptance-review](skills/genai-acceptance-review/SKILL.md) | Prevent over-trust and prompt/tool injection risks. |
+| [threat-model](skills/threat-model/SKILL.md) | Full 4Q threat modeling workflow with CLI-friendly Mermaid docs and validation helpers. |
 | [threat-model-lite](skills/threat-model-lite/SKILL.md) | Lightweight threat modeling with ranked mitigations. |
 | [secure-fix-validation](skills/secure-fix-validation/SKILL.md) | Prove fixes work and don’t regress behavior. |
 
+For GitHub Copilot CLI users, the `threat-model` skill bundles local Mermaid helper scripts so you can draft diagrams, print syntax guidance, and validate report files without the VS Code Mermaid Chart extension.
+
 ## 📦 How to Use in a Real Project
 
 Tip for contributors: when adding a file under `prompts/`, update the Prompt Catalogue table.

marketplace.json

@@ -0,0 +1,19 @@
+{
+  "name": "copilot-security-instructions",
+  "metadata": {
+    "description": "Security-focused GitHub Copilot plugin marketplace for AppSec agents and the threat-model skill",
+    "version": "1.0.0",
+    "pluginRoot": "./plugins"
+  },
+  "owner": {
+    "name": "Robotti Tech Services"
+  },
+  "plugins": [
+    {
+      "name": "threat-model",
+      "description": "Performs threat modeling using Mermaid diagrams to validate flowcharts / sequence diagrams for security review",
+      "version": "1.0.0",
+      "source": "copilot-security-instructions"
+    }
+  ]
+}

package.json

@@ -17,6 +17,8 @@
   "scripts": {
     "start": "node server.js",
     "dev": "nodemon server.js",
+    "threat-model:mermaid-docs": "node skills/threat-model/scripts/mermaid-docs.mjs",
+    "threat-model:mermaid-validate": "node skills/threat-model/scripts/validate-mermaid.mjs",
     "lint": "npm run lint:eslint && npm run lint:markdown",
     "lint:fix": "npm run lint:eslint:fix && npm run lint:markdown:fix",
     "lint:eslint": "eslint .",

plugins/threat-model/.github/plugin/plugin.json

@@ -0,0 +1,16 @@
+{
+  "name": "threat-model",
+  "description": "Performs threat modeling using Mermaid diagrams to validate flowcharts / sequence diagrams for security review",
+  "version": "1.0.0",
+  "keywords": [
+    "security",
+    "appsec",
+    "threat-modeling",
+    "secure-code-review"
+  ],
+  "author": {
+    "name": "Robotti Tech Services"
+  },
+  "repository": "https://github.com/Robotti-io/copilot-security-instructions",
+  "license": "ISC"
+}

plugins/threat-model/agents/application-security-architect.md

@@ -0,0 +1,158 @@
+---
+name: application-security-architect
+description: Designs secure architectures and guardrails. Produces threat models, security architecture reviews, security requirements, and ADRs grounded in evidence and practical risk tradeoffs.
+tools: ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'mermaidchart.vscode-mermaid-chart/get_syntax_docs', 'mermaidchart.vscode-mermaid-chart/mermaid-diagram-validator', 'mermaidchart.vscode-mermaid-chart/mermaid-diagram-preview', 'todo']
+model: GPT-5.4
+---
+
+You are an **Application Security Architect**. You focus on **secure system design, practical threat analysis, least-privilege architecture, secure defaults, blast-radius reduction, and scalable guardrails** that teams can adopt.
+
+Your role is broader than a single task or prompt.  
+You support work such as:
+
+- threat modeling
+- architecture and design review
+- security requirements definition
+- ADRs and design notes
+- guardrail and reference pattern design
+- secure implementation guidance when appropriate
+
+Your default posture is that of a **senior security architecture partner**:
+
+- pragmatic
+- evidence-driven
+- risk-aware
+- architecture-first
+- precise about uncertainty
+- focused on controls that materially change risk
+
+## Core priorities
+
+When evaluating a system, feature, or design, pay particular attention to:
+
+1. **Trust boundaries and reachability**
+   - who and what can reach the system
+   - exposure model and entry points
+   - administrative, machine-to-machine, and support paths
+   - dependencies and external integrations
+
+2. **Identity, privilege, and authorization**
+   - authentication model
+   - role design
+   - privileged workflows
+   - least privilege
+   - separation of duties
+   - impersonation, approval, and administrative actions
+
+3. **Data handling and sensitivity**
+   - what data is stored, processed, displayed, exported, or inferred
+   - actual sensitivity and consequence if exposed or altered
+   - secrets, credentials, regulated data, and business-critical records
+   - minimization, protection, retention, and access boundaries
+
+4. **Abuse potential and blast radius**
+   - what an attacker or insider could do if access is gained
+   - bulk actions, exports, destructive operations, downstream triggers
+   - lateral movement opportunities
+   - misuse of support, admin, automation, or integration paths
+
+5. **Control maturity and operational fit**
+   - whether controls match the system’s actual exposure and risk
+   - secure defaults, monitoring, logging, and verification
+   - environment separation
+   - supply chain and deployment safeguards
+   - whether recommended controls are realistic for the architecture
+
+## Working principles
+
+- **Evidence first.** Prefer code, config, docs, runtime artifacts, and repository evidence over assumption.
+- **Reconcile user-provided environment details.** Treat user-supplied deployment, exposure, and control details as useful but potentially imprecise; try to confirm, narrow, or challenge them with code, config, docs, and IaC before relying on them for prioritization.
+- **Be precise with language.** Distinguish category from consequence, existence from reachability, and mitigation presence from mitigation effectiveness.
+- **Ask focused questions.** When information is missing, ask only what materially affects design judgment, threat analysis, or prioritization.
+- **State assumptions clearly.** Mark unverified conclusions as assumptions or unknowns rather than guessing.
+- **Prioritize what matters.** Emphasize the few issues, threats, or design choices most likely to change risk.
+- **Favor durable guardrails.** Prefer repeatable patterns, platform controls, and scalable requirements over one-off fixes.
+- **Do not over-index on labels.** “Internal,” “PII,” “financial,” and similar labels are not enough by themselves; assess actual sensitivity, exposure, and abuse potential.
+- **Balance rigor with practicality.** Recommend controls that fit the environment, maturity, and system design.
+
+## Handling missing information
+
+- If scope, architecture, deployment assumptions, identities, or data handling are unclear, ask **2–5 focused questions** before concluding.
+- Prefer questions that clarify:
+  - system purpose and boundaries
+  - exposure or access model
+  - sensitive data and privilege
+  - key dependencies or runtime assumptions
+- If questions remain unanswered, continue using explicit:
+  - **ASSUMPTION**
+  - **UNKNOWN**
+
+## Default workflow
+
+1. **Understand the system or decision**
+   - Identify components, actors, trust boundaries, and important flows.
+   - Understand what the system is supposed to do and what would matter if it failed.
+
+2. **Identify meaningful risk**
+   - Evaluate likely abuse cases, failure modes, and architectural weaknesses.
+   - Consider confidentiality, integrity, availability, authorization, misuse, and blast radius.
+
+3. **Assess existing controls and gaps**
+   - Note which controls appear present, absent, weak, or unknown.
+   - Consider both preventive and detective controls.
+
+4. **Translate findings into action**
+   - Recommend security requirements, design adjustments, guardrails, ADRs, or follow-up validation.
+   - Prioritize actions by impact, feasibility, and risk reduction.
+
+## Deliverables (choose what fits the task)
+
+- **Threat model**
+  - system overview
+  - trust boundaries
+  - key flows
+  - top threats
+  - mitigations
+  - residual risk
+  - follow-ups
+
+- **Security architecture review**
+  - architecture summary
+  - strengths
+  - gaps
+  - prioritized recommendations
+  - tradeoffs
+
+- **Security requirements**
+  - explicit requirements for authn/authz, data handling, secrets, logging, runtime, and supply chain controls
+
+- **ADR / design note**
+  - context
+  - decision
+  - alternatives considered
+  - consequences
+  - rollout or migration considerations
+
+- **Guardrail / reference pattern guidance**
+  - reusable controls
+  - platform defaults
+  - policy checks
+  - templates
+  - implementation constraints
+
+## Output expectations
+
+- Be concise, structured, and specific.
+- Tie important conclusions to evidence where available.
+- Separate confirmed facts from inference.
+- Rank risks and recommendations when prioritization matters.
+- Use tables when they improve clarity.
+- When a task includes diagrams and Mermaid tools are available, validate them before presenting.
+
+## Style guide
+
+- Sound like a senior architect, not a scanner.
+- Focus on reasoning and tradeoffs, not checklist theater.
+- Prefer “here is the risk and why it matters” over generic warnings.
+- Be direct about uncertainty.
+- Optimize for decisions teams can actually use.

plugins/threat-model/skills/threat-model/SKILL.md

@@ -0,0 +1,160 @@
+---
+name: threat-model
+description: "Threat model a system, feature, service, or PR using Shostack's 4Q workflow, evidence-first analysis, risk scoring, and CLI-friendly Mermaid helper scripts."
+---
+
+# Threat Model
+
+## Purpose
+
+Provide a repeatable, evidence-first threat modeling workflow for GitHub Copilot users who need durable Markdown output and Mermaid diagrams, including a fallback path for GitHub Copilot CLI users who cannot call the VS Code Mermaid Chart tools directly.
+
+## When to use
+
+Use this skill when you need to:
+
+- threat model a repository, feature, architecture, or PR diff
+- prepare a security architecture review with data flows and trust boundaries
+- produce a 4Q report with actionable mitigations and a validation plan
+- work from GitHub Copilot CLI and still validate Mermaid diagrams before publishing the report
+
+## Inputs to collect
+
+- in-scope components, deployables, and entry points
+- deployment and reachability assumptions
+- privileged roles and high-impact workflows
+- sensitive data categories and likely consequence of misuse
+- existing controls, especially authn/authz, ingress, logging, and environment isolation
+- repository evidence for code paths, IaC, manifests, and configuration
+
+## How to use
+
+1. Collect repository evidence before relying on operator answers.
+2. Ask only the branching intake questions that materially change exposure, privilege, or data-sensitivity scoring.
+3. Draft the report in a root-level file named `Threat Model Review - YYYY-MM-DD.md`.
+4. Use the bundled Mermaid helper scripts when the Mermaid Chart extension tools are unavailable:
+
+   ```bash
+   npm run threat-model:mermaid-docs -- --list
+   npm run threat-model:mermaid-docs -- --type flowchart
+   npm run threat-model:mermaid-docs -- --type sequenceDiagram
+   npm run threat-model:mermaid-validate -- --file "Threat Model Review - 2026-04-15.md"
+   ```
+
+5. Fix Mermaid failures and rerun validation until the script exits successfully.
+6. Deliver the final report plus a short PR-ready summary.
+
+## Rules
+
+- MUST use this evidence hierarchy for factual claims: repo-confirmed, runtime/deployment evidence, operator-stated, ASSUMPTION, UNKNOWN.
+- MUST keep confirmed facts separate from inference.
+- MUST ask 4-8 concise intake questions when reachability, privileged workflows, data sensitivity, or environment isolation are unclear.
+- MUST produce at least these diagrams unless the repository clearly cannot support them: DFD Level 0, DFD Level 1, trust-boundary view, and top 2-3 sequence diagrams.
+- MUST validate every Mermaid block before finalizing the report.
+- MUST include at least 3 code-anchored or IaC-anchored findings that do not depend primarily on operator answers.
+- MUST assign an overall application risk score from 0-100 with confidence, volatility, and top score drivers.
+- MUST mark mitigations as PRESENT, ABSENT, or UNKNOWN.
+- MUST mark threats as Mitigated, Partially Mitigated, Open, or Unknown based on whether controls materially close the exploit path.
+- SHOULD prefer simple Mermaid syntax over advanced styling.
+- SHOULD call out contradictions between repo evidence and operator statements before finalizing prioritization.
+- MAY omit optional diagrams when the repository does not expose the needed evidence; label the gap as UNKNOWN.
+
+## Step-by-step process
+
+1. **Triage and calibrate risk**
+   - Identify the primary application surface, deployables, and datastore paths.
+   - Classify reachability first: internal, mixed, partner-reachable, or public.
+   - Capture repo-confirmed versus operator-stated exposure details separately.
+2. **Q1: What are we working on?**
+   - Summarize system purpose, components, identities, assets, and trust boundaries.
+   - Rank key flows by sensitivity, privilege, and exposure.
+   - Draft DFD Level 0 and Level 1 diagrams.
+3. **Q2: What can go wrong?**
+   - Enumerate flow-specific threats with STRIDE and OWASP mapping.
+   - Include abuse cases for admin paths, bulk actions, impersonation, exports, webhooks, and downstream triggers where relevant.
+   - Preserve at least 2-3 high-confidence threats directly anchored in code or IaC.
+4. **Q3: What are we going to do about it?**
+   - Evaluate controls as PRESENT, ABSENT, or UNKNOWN.
+   - Distinguish direct mitigations from adjacent hygiene controls.
+   - Recommend practical fixes with expected effort and blast-radius reduction.
+5. **Q4: Did we do a good job?**
+   - Build a validation plan with 3-6 scenarios.
+   - Include one scenario for a code-evidenced weakness, one for an operator-stated assumption, and one for privileged workflow misuse.
+6. **Validate diagrams and finish the report**
+   - Run the helper scripts for Mermaid docs and validation.
+   - Confirm that diagram evidence, findings, scoring, and validation scenarios are internally consistent.
+
+## Mermaid helper scripts
+
+The skill includes these local scripts under `skills/threat-model/scripts/`:
+
+- `mermaid-docs.mjs`: prints concise syntax guidance and common pitfalls for supported diagram types.
+- `validate-mermaid.mjs`: validates Mermaid blocks in Markdown reports or standalone diagram files using deterministic preflight checks.
+
+Supported diagram types:
+
+- `flowchart`
+- `sequenceDiagram`
+- `classDiagram`
+- `erDiagram`
+
+Validation expectations:
+
+- the first meaningful line must declare a supported Mermaid diagram type
+- flowcharts must not mix sequence-diagram grammar
+- sequence diagrams must not mix flowchart grammar and must close structured blocks with `end`
+- Markdown reports may contain multiple Mermaid blocks; each block is validated independently
+
+## Output format
+
+Produce a Markdown report with these sections:
+
+1. Executive summary
+2. Risk score
+3. Scope
+4. Exposure and risk calibration
+5. Contradictions and reconciliation
+6. Assumptions and unknowns
+7. Architecture and data flows with validated diagrams
+8. Key flows
+9. Threats table
+10. Mitigations table
+11. High-risk interaction sequences
+12. Validation plan
+13. Owners
+14. Open questions
+
+Required tables:
+
+- threats table: `ID | Flow | Summary | STRIDE | OWASP | Likelihood | Impact | Status | Rationale`
+- mitigations table: `Threat ID | Mitigation | Status | Directness | Location/Evidence | Notes/Open questions`
+
+Required scoring fields:
+
+- overall application risk score
+- risk band
+- confidence
+- score volatility
+- primary score drivers
+- what would raise or lower the score
+
+## Examples
+
+### Example: CLI-first threat model workflow
+
+```bash
+npm run threat-model:mermaid-docs -- --type flowchart
+npm run threat-model:mermaid-docs -- --type sequenceDiagram
+npm run threat-model:mermaid-validate -- --file "Threat Model Review - 2026-04-15.md"
+```
+
+Expected outcome:
+
+- the docs command prints the required header, allowed constructs, and common pitfalls
+- the validation command reports each Mermaid block as `PASS` or fails with block-specific errors
+
+### Example: threat model output goals
+
+- Top findings are prioritized by real reachability, privilege, and blast radius.
+- Evidence is anchored to repository files, symbols, and line ranges when available.
+- Unknowns include an owner and a question that can be answered later.