sniper-security-audit-
Team Composition
| Member | Process | Technical | Cognitive | Domain |
|---|---|---|---|---|
| threat-modeler | threat-modeler | security | systems-thinker | -- |
| vuln-scanner | vuln-scanner | security | devils-advocate | -- |
Tasks
threat-modeler
Threat Modeling
- ID: threat-modeling
- Output: threat-model.md
Map the application's attack surface using STRIDE methodology. Identify trust boundaries, data flows, and potential threat vectors. Produce a structured threat model with risk ratings and recommended mitigations.
vuln-scanner
Vulnerability Scanning
- ID: vulnerability-scanning
- Output: vulnerability-report.md
Perform application-level vulnerability analysis via code review. Check for OWASP Top 10 issues, insecure dependencies, hardcoded secrets, and missing security controls. Produce a vulnerability report with severity ratings and remediation guidance.
Review Gate
- Checklist: .sniper/checklists/security-review.md
- Mode: flexible
