GitHub Repository

CLI tool for Continuous Threat Modeling

27 stars · Python

TMDD – continuous threat modelling that makes your code more secure

by attasec · Feb 25, 2026 · 3 points · 0 comments

AI Analysis

●● Solid · Big Brain · Niche Gem · Solve My Problem

Threat models as code with AI-agent integration, but addresses a niche audience within security.

Strengths
  • Genuine insight: shifts threat modeling left by treating it as a versioned code artifact, not after-the-fact pentests
  • Agent-aware design with a Cursor skill that teaches the AI to bind the threat model to the actual codebase architecture
  • Targets business logic gaps SAST/DAST miss, a real gap in security tooling
Weaknesses
  • Requires security knowledge to create meaningful threat models; not self-serve for teams without expertise
  • Early-stage (0.5.1) with small community; adoption depends on cultural shift in threat modeling maturity
Target Audience

Security engineers, DevSecOps teams, development leads embedding threat modeling into CI/CD

Similar To

Microsoft Threat Modeling Tool · IriusRisk · Threagile

Post Description

My name is Mikolaj and I built the tmdd tool, a CLI that keeps an up-to-date threat model of your app (in YAML format) in your repo and generates security-aware prompts for AI coding agents. Here's why:

I am a security engineer. Oftentimes I observed situations where "technical" security levels were pretty high, but the business logic and authorization related issues made the apps pretty vulnerable. In my experience, no SAST or DAST is able to spot this kind of issue; some of them might be captured during the pentests, but the pentests are time-boxed, so you never have the guarantee that everything was thoroughly analysed.

That's why I decided to build this framework (the name TMDD is a shortcut for Threat Modeling Driven Development, but it's more than that).

How it works:
1. You init the threat model with the <code>tmdd init</code> command - the YAML files that describe the threat model are created in your repo (either empty or from the template).
2. You load the threat modeling skill into your coding agent - I tested with Cursor and Claude Code.
3. The agent does the threat modeling and updates the YAML files.
4. If you want to add a new feature, you can use the <code>tmdd feature "feature name"</code> command, which will update the YAML and generate a security-focused development prompt that you can then feed to the agent.
5. You can generate a complete threat model report with a diagram using tmdd-report.

E.g. without TMDD, you ask Cursor to build a password reset flow and it might ship it without rate limiting or token expiration. With TMDD, the agent gets a prompt that lists those as required controls because they're in the threat model.

And even without the AI workflow, you get a structured, version-controlled threat model - which many appsec teams don't have today :)

Why it matters:
1. It takes threat modeling closer to the code - instead of using a whiteboard, you do threat modeling with help from an AI agent that can refer to exact lines in your codebase. You can also track mitigations and who reviewed the mitigations last.
2. It's similar to Claude Code Security in some ways, but works with any agent that has terminal access - no vendor lock-in ;)
3. Threat model documentation lives alongside your repo and is stored in YAML, so you can version control it, etc.
4. You can build a custom <code>catalog.yaml</code> file, and use a catalog of threats for threat modeling of all products at your company.

Let me know what you think about it. Repo is here: https://github.com/attasec/tmdd

We are also working on a SaaS version (core remains open-source, but additional features, collaboration tools and UI will be available); you can learn more here: https://attasec.com
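
The password-reset case from the post, sketched as an added example (not TMDD's code and not its YAML schema): it shows how a feature's required controls can be derived from the threats bound to the components it touches. The model layout, field names and sample threats are hypothetical and constructed for illustration.

```python
# Hypothetical schema for illustration only; TMDD's real YAML layout is not
# shown on this page. All data below is constructed sample data.
THREAT_MODEL = {
    "features": {
        "password reset": {"components": ["auth-api", "mailer"]},
    },
    "threats": [
        {"id": "T1", "component": "auth-api",
         "title": "Reset token brute force",
         "controls": ["rate limiting on reset requests"]},
        {"id": "T2", "component": "auth-api",
         "title": "Stolen reset link replayed later",
         "controls": ["token expiration", "single-use tokens"]},
        {"id": "T3", "component": "mailer",
         "title": "Account enumeration via reset e-mail", "controls": []},
        {"id": "T4", "component": "billing",
         "title": "Price tampering", "controls": ["server-side price lookup"]},
    ],
}


def threats_for(model, feature):
    """Return the threats bound to any component the feature touches."""
    try:
        components = set(model["features"][feature]["components"])
    except KeyError:
        # A feature missing from the model must fail loudly, not yield an
        # empty (and therefore falsely reassuring) control list.
        raise ValueError(f"feature {feature!r} is not in the threat model") from None
    return [t for t in model["threats"] if t["component"] in components]


def build_prompt(model, feature):
    """Build an agent prompt listing required controls and flagging open gaps."""
    threats = threats_for(model, feature)
    lines = [f"Implement feature: {feature}", "Required security controls:"]
    for t in threats:
        for control in t["controls"]:
            lines.append(f"- {control} (mitigates {t['id']}: {t['title']})")
    gaps = [t["id"] for t in threats if not t["controls"]]
    if gaps:
        lines.append("Unmitigated threats, propose a control before coding: "
                     + ", ".join(gaps))
    return "\n".join(lines)


if __name__ == "__main__":
    print(build_prompt(THREAT_MODEL, "password reset"))
```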

Similar Projects

Security · ●● Solid

10-min AI threat model (STRIDE and MAESTRO), assumption-driven

Maps AI-specific threats (including MAESTRO/agentic risks) to STRIDE and spits out a concise PDF with data flows, a 5x5 risk matrix, and compliance pointers — useful for teams that need a fast, documented starting point. The smart part is surfacing and labeling assumptions so reviewers can correct the model; what's missing is transparency about how those assumptions affect risk scores and integrations (editable diagrams, CI/CD hooks, or sample reports would sell it).

Niche Gem · Solve My Problem
agairola
104mo ago

Security · ●● Solid

Secure SDLC Agents for Claude and Cursor (MCP)

Eight specialist agents catch what Claude Code misses, but it's prompts not actual code analysis.

Niche Gem · Solve My Problem
kirumachi
102mo ago