Anthropic released a bunch of skills related to threat modeling and cybersec. I haven't looked into the actual skill quality too deeply but im so far impressed. I think this is much closer to 'good' because it has a lot actually riding on it (cf mythos and the security stuff going on around that)

• Claude Code skills: /quickstart, /threat-model, /vuln-scan, /triage, /patch, /customize: interactive scoping, scanning, triage, and patching. Open this repo in Claude Code and run /quickstart to get oriented.

• harness/: the autonomous reference pipeline (recon → find → verify → report → patch), configured for finding C/C++ memory vulnerabilities using Docker and ASAN. This harness is a reference, not a product. The general shape, prompts, and sandboxing are reusable, but the harness will not work on every codebase out of the box. Run /customize to port it to your language, detector, or vuln class.

It’s expensive though.

As a rough guideline, expect ~10K uncached input tokens/min and ~2K output tokens/min per agent. You can scale parallelism up to your account's ITPM limit (roughly 10 agents per 100K ITPM).

Which tracks with my previous position that defending is much more token intensive than attacking.