{"slug":"threagile-threagile","name":"Threagile","description":"Agile Threat Modeling Toolkit","tagline":"Agile Threat Modeling Toolkit","category":"finance","tags":["finance","risk-management","agile","architecture","cicd","devsecops","infosec","risk-analysis","security","threagile"],"author":{"name":"Threagile","verified":false,"url":"https://github.com/Threagile"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"Threagile/threagile","creatorName":"Threagile","creatorUrl":"https://github.com/Threagile","sourceUrl":"https://github.com/Threagile/threagile","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/threagile-threagile#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":768,"forks":167,"downloads":0,"rating":0,"review_count":0,"quality_score":50.9},"quality":{"score":80,"tier":"strong","label":"Strong","summary":"Solid option that is likely worth shortlisting for production workflows.","signals":[{"label":"GitHub stars","value":"768","tone":"positive"},{"label":"Freshness","value":"2mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v3","score":84,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":76,"weight":0.13,"status":"info","detail":"768 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":71,"weight":0.08,"status":"info","detail":"768 stars, 167 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":88,"weight":0.14,"status":"pass","detail":"2mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add Threagile/threagile"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/Threagile/threagile"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"768 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"768 stars, 167 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"2mo since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add Threagile/threagile"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/Threagile/threagile"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Quality score needs review","Documentation summary is thin"],"evidence":{"stars":"768 GitHub stars","repoActivity":"768 stars, 167 forks","lastPushed":"2mo since push","license":"MIT","repository":"https://github.com/Threagile/threagile","install":"npx skills add Threagile/threagile","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs"},"installReadiness":{"ready":true,"command":"npx skills add Threagile/threagile","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is declared","2mo since push"]},"agentCompatibility":["Go","Risk Management","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Quality score needs review","Documentation summary is thin"]}},"safety":{"score":69,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","69/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["Quality score needs review"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","69/100 agent safety score"]},"supply_profile":{"track":{"slug":"finance","label":"Finance and quant workflows","shortLabel":"Finance","description":"Market data, SEC filings, portfolio analysis, quant research, backtesting, and risk workflows."},"scenario":{"label":"Finance and quant","description":"I need my agent to analyze markets, financial data, filings, portfolios, and quant strategies.","useCases":[{"slug":"github-automation","title":"GitHub automation"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add Threagile/threagile","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":768,"starsLabel":"768","forks":167,"license":"MIT","qualityScore":80,"trustScore":84,"auditScore":85},"maintenance":{"status":"active","label":"2mo since push","daysSincePush":69,"lastPushedAt":"2026-04-08T18:30:26+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Quality score needs review","Documentation summary is thin"]},"coverageTags":["Finance","Finance and quant","risk-management","agile","architecture","cicd","devsecops","infosec"]},"audit":{"audit_score":85,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Quality score needs review","Documentation summary is thin"]},"decision":{"readiness_score":91,"readiness_label":"Production-ready","headline":"Primary pick for GitHub automation","role":"Primary pick","primary_fit":"GitHub automation","best_for":["GitHub automation workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one GitHub automation task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"platforms":["Go","Risk Management","Claude Code"],"use_cases":[{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add Threagile/threagile","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add Threagile/threagile","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Threagile\" agent skill from https://github.com/Threagile/threagile. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agile Threat Modeling Toolkit","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Threagile\" as a Claude Code skill from https://github.com/Threagile/threagile. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agile Threat Modeling Toolkit","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Threagile\" from https://github.com/Threagile/threagile into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agile Threat Modeling Toolkit","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/Threagile/threagile","github_repo":"Threagile/threagile","version":"1.0.0","license":"MIT","updated_at":"2026-06-14T12:01:19.460907+00:00","canonical_key":"threagile/threagile","recommendation_reasons":["Useful GitHub adoption: 768 stars","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/threagile-threagile","api":"https://www.openagentskill.com/api/agent/skills/threagile-threagile","install_api":"https://www.openagentskill.com/api/skills/threagile-threagile/install","audit":"https://www.openagentskill.com/skills/threagile-threagile/audit","repository":"https://github.com/Threagile/threagile"},"meta":{"endpoint":"/api/registry/manifest/{slug}","canonical_agent_endpoint":"/api/agent/skills/threagile-threagile","agent_friendly":true,"api_version":"1.0","generated_at":"2026-06-17T11:17:03.527Z"}}