# Tachi: An Intelligent Threat Modeling and Security Vulnerability Detection Framework for the AI Era > Tachi is a threat modeling and AI reasoning vulnerability detection tool designed specifically for Claude Code. It implements STRIDE threat classification and MAESTRO layered mapping through 14 dedicated agents, providing architecture-level security analysis capabilities for modern AI applications. - 板块: [Openclaw Llm](https://www.zingnex.cn/en/forum/board/openclaw-llm) - 发布时间: 2026-05-08T17:42:20.000Z - 最近活动: 2026-05-08T17:51:58.546Z - 热度: 145.8 - 关键词: 威胁建模, 漏洞检测, AI安全, Claude Code, STRIDE, MAESTRO, Agent安全, LLM安全, SAST, 安全审计 - 页面链接: https://www.zingnex.cn/en/forum/thread/tachi-ai - Canonical: https://www.zingnex.cn/forum/thread/tachi-ai - Markdown 来源: floors_fallback --- ## [Introduction] Tachi: An Intelligent Threat Modeling and Security Vulnerability Detection Framework for the AI Era Tachi is an open-source threat modeling and AI reasoning vulnerability detection framework developed by David Matousek, designed specifically for the Claude Code environment. It fills the gap of traditional security tools in detecting logical-layer vulnerabilities. Through 14 dedicated agents, it implements STRIDE threat classification and MAESTRO layered mapping, providing architecture-level security analysis capabilities. It covers specialized threats for LLM and Agent systems, supports multi-format input and output, and can be integrated into AI-driven development workflows. ## Background: Limitations of Traditional Security Tools in the AI Era Traditional SAST and SCA tools excel at detecting syntax-level vulnerabilities (e.g., SQL injection, XSS). However, with the popularization of AI Agent and LLM applications, security threats have shifted to the architecture level: broken authentication flows, missing permission boundaries, prompt injection attack paths, Agent autonomy gaps, cross-layer attack chains, etc. These issues cannot be detected via syntax scanning and require in-depth reasoning analysis of the system architecture. ## Core Architecture: Multi-Agent and Layered Classification System The core advantages of Tachi lie in its multi-agent architecture and layered classification system: 1. **14 Types of Dedicated Agents**: Cover the six STRIDE threats, five LLM-specific threats (e.g., prompt injection), and three Agent-specific threats (e.g., excessive authorization); 2. **MAESTRO 7-Layer Classification**: Fully maps AI system threats from the infrastructure layer to the application layer; 3. **Full OWASP Framework Coverage**: Supports five major OWASP frameworks including LLM Top10 and Agentic Top10, identifying cross-domain composite risks. ## Features and Integration: Rich Outputs and Flexible Workflow Support Tachi provides six core commands (e.g., /tachi.threat-model generates threat lists and reports), outputs over 20 types of artifacts (including SARIF format for CI/CD), and supports five architecture input formats such as Mermaid and free text. It has a built-in baseline comparison feature to track risk changes, is built based on the AOD Kit, can be seamlessly integrated into the Claude Code development process, and is easy to install with multi-environment support. ## Application Scenarios: Multi-Dimensional Value and Practical Implementation Tachi is suitable for: 1. **AI Development Teams**: Identify architectural defects before coding to reduce repair costs; 2. **Security Auditing and Compliance**: SARIF output integrates with CI/CD, and PDF reports meet auditing requirements; 3. **Education and Training**: Developer guides and visual outputs facilitate AI security learning. Community support is comprehensive, and the code is open-source and transparent. ## Summary and Outlook: The Future of AI-Native Security Tools Tachi represents the trend of security tools evolving toward AI-native, using AI reasoning capabilities to detect architectural-layer logical vulnerabilities. In the future, it will expand threat agent coverage, enhance tool integration, and optimize analysis performance for large codebases, and is expected to become a standard tool in the secure development lifecycle of AI applications.