Name: lets-threat-model-github-action
Author: jesuscmartinez

About This Tool

Agentic AI threat modeling using the lets-threat-model-core Docker container. This action produces Markdown, optional JSON, and SARIF reports—seamlessly integrating security assessments into your CI/CD pipeline and supporting GitHub Code Scanning.

Primary Use Case

This tool is designed for DevSecOps teams and security engineers who want to automate threat modeling within their CI/CD workflows. By leveraging AI and Docker, it produces detailed security assessment reports that can be used for risk analysis and compliance, seamlessly integrating with GitHub Code Scanning for continuous security monitoring.

Key Features

Runs the lets-threat-model-core Docker container for AI-driven threat modeling
Generates Markdown reports of threat models
Optionally outputs JSON and SARIF formatted reports
Supports integration with GitHub Code Scanning
Securely uses environment variables for GitHub and OpenAI authentication
Configurable via YAML config files checked into the repository
Adjustable log levels for detailed workflow output

Insights & Recommendations

Users must securely store and provide their OpenAI API key and optionally GitHub PAT for remote repo operations. The tool relies on the lets-threat-model-core Docker container, so Docker support is required in the CI environment. Proper YAML configuration files are necessary for accurate threat modeling. The SARIF output enables integration with GitHub Code Scanning for enhanced security visibility.

Installation

Ensure your repository includes a YAML configuration file for the threat model
Add the GitHub Action workflow YAML file to your repo (e.g., .github/workflows/threat_model.yml)
Use the action jesuscmartinez/lets-threat-model-github-action@main in your workflow
Set required inputs including the path to the config file and OpenAI API key as secrets
Optionally configure output paths for Markdown, JSON, and SARIF reports
Ensure the repository is checked out in the workflow before running the action

Usage

uses: jesuscmartinez/lets-threat-model-github-action@main

Invokes the GitHub Action to generate threat models using the lets-threat-model-core Docker container.

with: config: config/my-config.yaml openai-api-key: ${{ secrets.OPENAI_API_KEY }} markdown-output: threat_model_report.md json-output: threat_model_report.json sarif-output: threat_model_report.sarif

Specifies inputs for the action including the config file location, OpenAI API key, and output report paths.

Smart Usage Notes

Integrate with CI/CD pipelines to automate threat modeling and continuously identify emerging risks.
Leverage SARIF output to feed into GitHub Code Scanning for enhanced vulnerability tracking and remediation workflows.
Use generated threat models to inform red team scenarios and purple team exercises for improved attack simulation realism.
Combine with security orchestration tools to automate risk assessment and prioritize mitigation actions.
Customize YAML configurations to tailor threat modeling to specific application architectures and compliance requirements.

Open Source Security Atlas

lets-threat-model-github-action