AgentSkillsCN

security-threat-model

为仅限代理参与的扑克游戏构建/更新威胁模型:女巫攻击、串通作弊、重放攻击、垃圾信息、超时问题、状态不同步等。

SKILL.md
--- frontmatter
name: security-threat-model
description: Create/update threat model for agent-only poker: sybil, collusion, replay, spam, timeouts, state desync.

Update docs/SECURITY.md with:

  • Assets, trust boundaries, entry points
  • Attack list and mitigations
  • Detection signals (logging/metrics)
  • Tests or enforcement points

MVP1 priorities:

  • Idempotency and replay protection
  • Rate limits and timeouts
  • Collusion signals logging (even if not enforced yet)