Security●●Solid
Secure SDLC Agents for Claude and Cursor (MCP)
Eight specialist agents catch what Claude Code misses, but it's prompts not actual code analysis.
Niche GemSolve My Problem
kirumachi
102mo ago
Back to browse
10-min AI threat model (STRIDE and MAESTRO), assumption-driven
by agairola·Feb 12, 2026·1 point·0 comments
AI Analysis
●●SolidNiche GemSolve My Problem
The Take
Maps AI-specific threats (including MAESTRO/agentic risks) to STRIDE and spits out a concise PDF with data flows, a 5x5 risk matrix, and compliance pointers — useful for teams that need a fast, documented starting point. The smart part is surfacing and labeling assumptions so reviewers can correct the model; what's missing is transparency about how those assumptions affect risk scores and integrations (editable diagrams, CI/CD hooks, or sample reports would sell it).
Category
Target Audience
Product and engineering teams, startup founders, PMs and small security-conscious teams shipping AI features without a dedicated security engineer
Post Description
Hi HN, I built an assumption-driven AI security assessment for teams shipping AI features without a dedicated security team yet.
You paste your AI use case (what it does, data types, vendors, deployment). In ~10 minutes you get a PDF report by email containing: - Trust boundaries + data flows + a threat model diagram (explicitly marked as conceptual/assumption-based) - Threats mapped to STRIDE + MAESTRO (agentic AI) - A risk rating (impact/likelihood) + 5×5 risk matrix - Recommended security controls and compliance mappings (example: EU AI Act, NIST AI 600-1)
Important: we make assumptions (ex: AWS deployment, common patterns) and we call them out in the report so you can correct them.
Link: https://raxit.ai/assessment
Would love feedback on what’s wrong, what’s missing, and what would make this actually useful in a real security review.
Similar Projects
Design●●Solid
Napkin – desktop app for quick diagrams, with MCP support
Napkin keeps everything local while giving you an embeddable MCP endpoint so AI agents can draw and edit diagrams at http://127.0.0.1:21420/mcp. It combines Excalidraw-style hand-drawn tooling (rough.js, connectors, grid snapping, PNG/SVG export) with a Tauri/Rust desktop shell and delta-compressed version snapshots — a neat, concrete take on AI-assisted diagramming, though its impact hinges on MCP adoption and the surrounding agent ecosystem.
Niche GemWizardry
ipcrm
303mo ago
Security●●Solid
TMDD – continuous threat modelling that makes your code more secure
Threat models as code with AI-agent integration, but addresses a niche audience within security.
Big BrainNiche GemSolve My Problem
attasec
303mo ago
Security●●Solid
GuardLink – A threat model that lives in your source code
Threat models that auto-update with your code via AI-maintained annotations.
Solve My ProblemBig BrainShip It
animesh93
213mo ago
Developer Tools●Mid
Mermaid Studio – preview and fix broken mermaid diagrams
Yet another Mermaid editor when mermaid.live already does this free with more features.
Ship It
Igor_Wiwi
4310d ago
Developer Tools●●Solid
TLD – codebase visualization and software diagramming to manage slop
Agent-powered diagram generation from codebases beats manual C4 modeling.
Big BrainSolve My Problem
mertcikla
3012d ago