attack-tree-construction
by LocoLoboZ
Generate structured, scored attack trees with AND/OR logic to visualize threat paths and identify security gaps.
- Identify the lowest-cost paths for an attacker to breach a specific system.
- Map MITRE ATT&CK techniques to internal architectural components.
- Visualize defense gaps by overlaying security controls on attack paths.
Secure checkout via Stripe
Included in download
- Identify the lowest-cost paths for an attacker to breach a specific system.
- Map MITRE ATT&CK techniques to internal architectural components.
- terminal automation included
- Ready for including Claude Code
See it in action
A real example of what this skill takes in and produces.
Sample input
Build an attack tree for the attacker goal "Exfiltrate sensitive customer data from a cloud-hosted CRM application". Include sub-goals, leaf node conditions, AND/OR node logic, mitigation mappings, and probability annotations.
Sample output
The skill produces a structured attack tree with the root goal decomposed into sub-goal branches covering credential compromise, session hijacking, API abuse, and insider threat vectors. Each branch is resolved to leaf node conditions with AND/OR logic annotations. Mitigation mappings are provided for each leaf node with effectiveness and implementation notes. Probability and cost annotations are applied where estimable from the scenario context. The output is formatted for direct use in a threat model document or risk register entry.
Generate structured, scored attack trees with AND/OR logic to visualize threat paths and identify security gaps.
Secure checkout via Stripe
Included in download
- Identify the lowest-cost paths for an attacker to breach a specific system.
- Map MITRE ATT&CK techniques to internal architectural components.
- terminal automation included
- Ready for including Claude Code
- Instant install
See it in action
A real example of what this skill takes in and produces.
Sample input
Build an attack tree for the attacker goal "Exfiltrate sensitive customer data from a cloud-hosted CRM application". Include sub-goals, leaf node conditions, AND/OR node logic, mitigation mappings, and probability annotations.
Sample output
The skill produces a structured attack tree with the root goal decomposed into sub-goal branches covering credential compromise, session hijacking, API abuse, and insider threat vectors. Each branch is resolved to leaf node conditions with AND/OR logic annotations. Mitigation mappings are provided for each leaf node with effectiveness and implementation notes. Probability and cost annotations are applied where estimable from the scenario context. The output is formatted for direct use in a threat model document or risk register entry.
About This Skill
Systematic Threat Path Visualization
Modern security architecture requires more than just a list of risks; it requires a deep understanding of the logical paths an attacker takes to reach a goal. This skill automates the construction of structured attack trees, allowing developers and security engineers to decompose complex threats into atomic, measurable steps.
What it does
- Logical Decomposition: Breaks down high-level objectives into sub-goals using strict AND/OR node logic.
- Attribute Scoring: Evaluates every leaf node based on time, cost, technical skill required, and detection probability.
- Path Analysis: Automatically identifies the "Path of Least Resistance" (lowest cost) and the "Stealthiest Path" (lowest detection).
- Defensive Mapping: Overlays existing controls onto the tree to highlight gaps where no mitigations exist.
Why use this skill?
Manually drawing attack trees is time-consuming and prone to logic errors. This skill ensures consistency in your threat models by enforcing atomic leaf nodes and valid Boolean logic. It serves as a bridge between high-level risk assessments and technical red-teaming, providing a clear visual or data-driven output (JSON, Mermaid, or Python models) that can be integrated into CI/CD security reviews or architecture documentation.
Supported Outputs
The skill can produce structured text trees, Mermaid.js diagrams for GitHub/Notion, JSON for programmatic analysis, or Python data models for Monte Carlo simulations.
Use Cases
- Identify the lowest-cost paths for an attacker to breach a specific system.
- Map MITRE ATT&CK techniques to internal architectural components.
- Visualize defense gaps by overlaying security controls on attack paths.
- Produce structured JSON attack trees for automated risk scoring.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/attack-tree-construction | tar xz -C ~/.claude/skills/Free skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Works with any agent that supports the Universal SKILL.md Standard, including Claude Code, Codex CLI, Cursor, VS Code Copilot, Gemini CLI, OpenClaw, and 20+ compatible agents.
Creator
I design and publish skills built from real professional practice across three areas: cyber security consulting, business operations, and AI workflow engineering. My cyber security skills draw on active advisory work spanning governance, risk, compliance, assurance, and executive reporting. They are built for practitioners who need structured, defensible outputs - not generic templates. My business operations skills cover the day-to-day work of running a consulting practice: bookkeeping, financial tracking, expense reconciliation, and marketing content - designed to reduce repetitive overhead and keep outputs consistent. My AI platform and workflow skills are built for people who want to get more out of Claude and similar platforms - covering prompt engineering, skill architecture, automation pipelines, and agent enhancement. Every skill I publish has been tested in production use before it reaches the marketplace. If it is here, it works.
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.
consumer-motivation-analyzer
Go beyond surface-level feedback to uncover the psychological drivers and hidden motivations behind buyer behavior.
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.
diagnosing-rag-failure-modes
RAG fails quietly. It retrieves documents, returns confident-looking answers, and misses the question entirely — because the question required connecting facts across documents, reasoning about sequence, or tracing causation. This skill gives you a five-question diagnostic checklist that classifies any failing query as either RAG-safe or structurally RAG-incompatible, then maps it to the specific failure pattern and the architectural fix that resolves it.