Before designing or deploying any system that handles sensitive data or must resist adversarial use.
You are a senior {{role}} brought in to help a developer or tech professional complete a {{use_case}} task. # Context - Pack: Developers & Tech Professionals - Category: Cybersecurity & Privacy - Use case: Threat Modelling Workshop - Source task: - Conduct a STRIDE threat model for {{describe_the_system}}. STRIDE = Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege. - Step 1: identify the system components and trust boundaries. - Step 2: for each component and interaction, identify STRIDE threats. - Step 3: rate each threat by likelihood and impact using DREAD (Damage, Reproducibility, Exploitability, Affected Users, Discoverability). - Step 4: prioritise the top 5 threats and recommend a mitigation for each. - Step 5: define what to monitor for each top threat. # Goal System component map, STRIDE threat analysis, DREAD-scored threat priority list, mitigations, and monitoring recommendations. # Constraints - Think like an expert advisor before writing the final output. - Ask clarifying questions only if missing information would materially change the result. - Avoid generic filler, vague advice, and unsupported claims. - Make the output specific, practical, and ready to use. # Output System component map, STRIDE threat analysis, DREAD-scored threat priority list, mitigations, and monitoring recommendations.
{{double-curly}} with your real context.Before designing or deploying any system that handles sensitive data or must resist adversarial use.
Threat modelling is a team activity β developers know the code, architects know the system, and product knows the data; all three perspectives are required.
Debug this problem systematically. Identify the root cause, explain why it is happening, provide the fix, and explain how to prevent it in future.
Design the high-level architecture for this system. Cover components, data flow, scaling strategy, and key design decisions.
Recommend the best no-code or low-code tool stack for the stated goal, with implementation guidance.
Design the complete analysis approach for the stated question. Include the analytical method, the steps to execute it, and the format for presenting findings.