HoverBot — agentic threat model
HoverBot presents a moderate agentic risk profile; while its autonomy is limited to conversational support and lead generation, its deployment via a single script tag introduces supply-chain and XSS risks, though mitigated by robust built-in guardrails and human-in-the-loop features.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.40 |
| Goal-Driven Planning | 0.20 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.20 |
| Persistent Memory | 0.20 |
| Contextual Awareness | 0.50 |
| Dynamic Identity | 0.10 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.40 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
- Layer 1 (Foundation Models): Not certain from the listing — HoverBot does not disclose its underlying foundation models. General threats include prompt injection to bypass tone controls, model reprogramming, and generating misaligned or brand-damaging outputs.
- Layer 2 (Data Operations): HoverBot relies on RAG-powered custom knowledge. Threats include knowledge-base poisoning (uploading malicious or inaccurate documents to manipulate chatbot answers) and data exfiltration of proprietary business knowledge via indirect prompt injection.
- Layer 3 (Agent Frameworks): The orchestration framework manages 'modular AI skills' like lead generation and product support. Threats include insecure integration with downstream CRMs or ticketing systems, allowing attackers to inject malicious payloads into lead capture forms.
- Layer 4 (Deployment & Infrastructure): The widget is deployed via a single script tag on client websites. This introduces a critical supply-chain risk where a compromise of HoverBot's CDN or hosting infrastructure could result in widespread Cross-Site Scripting (XSS) on customer websites.
- Layer 5 (Evaluation & Observability): Features configurable guardrails and compliance logging. Threats include guardrail evasion through advanced adversarial jailbreaks, and logging blind spots if anomalous user interactions fail to trigger alerts.
- Layer 6 (Security & Compliance): Includes real-time PII masking, compliance logging, and data policies. Threats include regulatory non-compliance (GDPR/CCPA) if the PII masking algorithm fails to detect novel formats of sensitive user data before writing to logs.
- Layer 7 (Agent Ecosystem): Not certain from the listing — HoverBot appears to operate as a standalone horizontal widget. If integrated into broader multi-agent ecosystems in the future, threats would include trust abuse and cascading failures from compromised upstream agents.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.