plugins/ruflo-metaharness/skills/harness-threat-model/SKILL.md

The companion to harness-mcp-scan for enterprise security reviews. Where mcp-scan is a per-server static lint, threat-model produces a categorized report suitable for sharing with an InfoSec team.

Algorithm

Implementation: scripts/threat-model.mjs.

  1. Shell out to `npx -p metaharness@latest harness threat-model <path> --json`.
  2. Parse the `{ worst, findings[] }` JSON it prints.
  3. `--fail-on <severity>`: exit 1 when the rank of `worst` is >= the rank of the `--fail-on` severity (see the table below). Default: `high`.

Severity rank

| Severity | Rank |
|----------|------|
| clean    | 0    |
| low      | 1    |
| medium   | 2    |
| high     | 3    |

When to use

  • Pre-launch review: include the JSON output in the release-readiness packet sent to security.
  • Periodic audit: schedule via the planned oia-audit background worker (ADR-150 Phase 2) to detect MCP-surface drift.

Graceful degradation

Same pattern as the other skills: when `harness` is absent, emit `{ degraded: true }` and exit 0. This is an ADR-150 architectural constraint.
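The severity gate from the Algorithm section and the degraded path above, as an added example; this is not the project's `scripts/threat-model.mjs`, and the names `SEVERITY_RANK`, `rankOf` and `gateResult` are assumed for illustration. It takes the captured stdout rather than shelling out, so it runs offline on a constructed report.

```javascript
// Added example, not the project's scripts/threat-model.mjs.
// Severity ranks as documented in SKILL.md.
const SEVERITY_RANK = { clean: 0, low: 1, medium: 2, high: 3 };

// Rank lookup; an unknown severity is treated as "high" so a malformed
// or newly added level can never silently pass the gate.
function rankOf(severity) {
  const rank = SEVERITY_RANK[String(severity).toLowerCase()];
  return rank === undefined ? SEVERITY_RANK.high : rank;
}

// Decide the exit code for one run. `stdout` is the text printed by
// `harness threat-model <path> --json`, or null when the harness binary
// is absent (graceful degradation per ADR-150).
function gateResult(stdout, failOn = "high") {
  if (!(failOn in SEVERITY_RANK)) {
    throw new Error(`--fail-on must be one of ${Object.keys(SEVERITY_RANK).join(", ")}`);
  }
  if (stdout === null) {
    return { degraded: true, exitCode: 0 };
  }
  const report = JSON.parse(stdout);
  const findings = Array.isArray(report.findings) ? report.findings : [];
  // Recompute the worst severity from the findings instead of trusting the
  // summary field alone; taking the higher of the two fails closed when the
  // summary and the findings disagree.
  const worstFromFindings = findings.reduce((acc, f) => Math.max(acc, rankOf(f.severity)), 0);
  const worst = Math.max(rankOf(report.worst ?? "clean"), worstFromFindings);
  return {
    degraded: false,
    worst: Object.keys(SEVERITY_RANK).find((k) => SEVERITY_RANK[k] === worst),
    findingCount: findings.length,
    exitCode: worst >= SEVERITY_RANK[failOn] ? 1 : 0,
  };
}

// Constructed sample report (not real harness output) for a stand-alone run.
const SAMPLE_REPORT = JSON.stringify({
  worst: "medium",
  findings: [
    { id: "sample-1", severity: "low", title: "constructed finding" },
    { id: "sample-2", severity: "medium", title: "constructed finding" },
  ],
});

if (typeof require !== "undefined" && require.main === module) {
  console.log(gateResult(SAMPLE_REPORT));           // exitCode 0 (default --fail-on high)
  console.log(gateResult(SAMPLE_REPORT, "medium")); // exitCode 1
  console.log(gateResult(null));                    // { degraded: true, exitCode: 0 }
}
```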