← Back to docs
Recipe

STRIDE threat-model generator

Generate a structured threat model from a system description using the STRIDE methodology.

Overview

This recipe takes a plain-English description of your system and produces a STRIDE threat model covering Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

Input

A paragraph describing your system architecture, data flows, trust boundaries, and external dependencies.

Output

  • Threat table with STRIDE category per row
  • Affected component and data flow
  • Severity rating (Low / Medium / High / Critical)
  • Suggested mitigations

Example prompt

A web app with a React frontend, Node.js API, PostgreSQL database, and Stripe for payments. Users authenticate via OAuth2 with Google. The API runs on AWS ECS behind an ALB.

Usage

Paste your system description into the Meridian prompt editor, select this recipe from the library, and run. Review the generated table, adjust severities, and export as CSV or Markdown.

← All recipes