Security Requirement Extraction
Security Requirement Extraction is an design AI skill with a core value of Derive security requirements from threat models and business context. It
helps developers solve real-world problems in the design domain, boosting
efficiency, automating repetitive tasks, and optimizing workflows.
Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.
Quick Facts
mkdir -p ./skills/security-requirement-extraction && curl -sfL https://raw.githubusercontent.com/sickn33/antigravity-awesome-skills/main/skills/security-requirement-extraction/SKILL.md -o ./skills/security-requirement-extraction/SKILL.md Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).
Skill Content
# Security Requirement Extraction
Transform threat analysis into actionable security requirements.
Use this skill when
- Converting threat models to requirements
- Writing security user stories
- Creating security test cases
- Building security acceptance criteria
- Compliance requirement mapping
- Security architecture documentation
Do not use this skill when
- The task is unrelated to security requirement extraction
- You need a different domain or tool outside this scope
Instructions
- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.
Resources
- `resources/implementation-playbook.md` for detailed patterns and examples.
🎯 Best For
- Security auditors
- DevSecOps teams
- Compliance officers
- QA engineers
- Developers writing unit tests
💡 Use Cases
- Auditing dependencies for known CVEs
- Scanning API endpoints for auth gaps
- Generating test cases for edge conditions
- Writing integration test suites
📖 How to Use This Skill
- 1
Install the Skill
Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.
- 2
Load into Your AI Assistant
Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.
- 3
Apply Security Requirement Extraction to Your Work
Provide context for your task — paste source material, describe your audience, or share existing work to guide the AI.
- 4
Review and Refine
Edit the AI output for accuracy, tone, and completeness. Add human insight where the AI lacks context.
❓ Frequently Asked Questions
Can this replace a dedicated SAST tool?
AI-based security review is complementary to SAST tools. Use it as a first-pass filter, not a replacement.
Does this generate test mocks?
Many testing skills include mock generation. Check the install command and skill content for details.
Does this work with Figma?
Some design skills integrate with Figma plugins. Check the Works With section for supported tools.
Does Security Requirement Extraction generate production-ready design specs?
It generates detailed specifications that developers can use directly. Review and adjust for your specific design system.
How do I install Security Requirement Extraction?
Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/security-requirement-extraction/SKILL.md, ready to use.
⚠️ Common Mistakes to Avoid
Only scanning surface-level issues
Deep security review requires understanding your app architecture, not just regex patterns.
Not testing edge cases
AI tends to generate happy-path tests. Manually review for boundary conditions.
Skipping usability testing
AI-generated designs should be validated with real users before development.
Not reading the full skill
Skills contain important context and edge cases beyond the quick start.