Works with the AI tools you already use
Attack Tree Construction
by LocoLoboZ
Generate structured, scored attack trees with AND/OR logic to visualize threat paths and identify security gaps.
$10
· or 50 creditsSecure checkout via Stripe
About this skill
Systematic Threat Path Visualization
Modern security architecture requires more than just a list of risks; it requires a deep understanding of the logical paths an attacker takes to reach a goal. This skill automates the construction of structured attack trees, allowing developers and security engineers to decompose complex threats into atomic, measurable steps.
What it does
- Logical Decomposition: Breaks down high-level objectives into sub-goals using strict AND/OR node logic.
- Attribute Scoring: Evaluates every leaf node based on time, cost, technical skill required, and detection probability.
- Path Analysis: Automatically identifies the "Path of Least Resistance" (lowest cost) and the "Stealthiest Path" (lowest detection).
- Defensive Mapping: Overlays existing controls onto the tree to highlight gaps where no mitigations exist.
Why use this skill?
Manually drawing attack trees is time-consuming and prone to logic errors. This skill ensures consistency in your threat models by enforcing atomic leaf nodes and valid Boolean logic. It serves as a bridge between high-level risk assessments and technical red-teaming, providing a clear visual or data-driven output (JSON, Mermaid, or Python models) that can be integrated into CI/CD security reviews or architecture documentation.
Supported Outputs
The skill can produce structured text trees, Mermaid.js diagrams for GitHub/Notion, JSON for programmatic analysis, or Python data models for Monte Carlo simulations.
Details
How to install
Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.
Security Scanned
Passed automated security review
Permissions
File Scopes
Creator
I design and publish skills built from real professional practice across three areas: cyber security consulting, business operations, and AI workflow engineering. My cyber security skills draw on active advisory work spanning governance, risk, compliance, assurance, and executive reporting. They are built for practitioners who need structured, defensible outputs - not generic templates. My business operations skills cover the day-to-day work of running a consulting practice: bookkeeping, financial tracking, expense reconciliation, and marketing content - designed to reduce repetitive overhead and keep outputs consistent. My AI platform and workflow skills are built for people who want to get more out of Claude and similar platforms - covering prompt engineering, skill architecture, automation pipelines, and agent enhancement. Every skill I publish has been tested in production use before it reaches the marketplace. If it is here, it works.
Frequently Asked Questions
More Premium Skills
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.
api-designer
Professional API design and review skill for REST, GraphQL, and event-driven architectures.

Business Strategist
A framework-driven consultant for business diagnosis, market mapping, and pricing strategy.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.