Humanlinker — agentic threat model
Humanlinker presents a moderate-to-high security risk due to its deep integration with enterprise CRMs and browser-level access via a Chrome extension. A compromise could lead to sensitive customer data exfiltration or automated social engineering attacks executed through the user's authenticated sessions.
OWASP AIVSS score rationale
| Agentic risk factor | Value |
| --- | --- |
| Autonomy of Action | 0.40 |
| Goal-Driven Planning | 0.30 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.60 |
| Persistent Memory | 0.50 |
| Contextual Awareness | 0.70 |
| Dynamic Identity | 0.40 |
| Multi-Agent Interactions | 0.10 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula; agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Uses foundation models to perform DISC personality analysis and generate personalized outreach messages. Threats include prompt injection that could manipulate the personality assessment or force the generation of malicious/phishing outreach templates.
Layer 2, Data Operations: Ingests prospect data from LinkedIn and CRMs (Salesforce, HubSpot, Dynamics) for contact enrichment and verification. Threats include data exfiltration of sensitive CRM contact lists and potential poisoning of enrichment data sources.
Layer 3, Agent Frameworks: Orchestrates tool execution across CRM APIs, enrichment databases, and browser-based LinkedIn interactions. Threats include insecure tool integration where compromised inputs trigger unauthorized CRM writes or bulk data exports.
Layer 4, Deployment and Infrastructure: Deploys as a Chrome extension alongside a web application, requiring session access to LinkedIn and API keys for CRMs. Threats include session hijacking via the Chrome extension, local storage exposure of credentials, and insecure API key management.
Layer 5, Evaluation and Observability: Not certain from the listing — there is no mention of built-in guardrails, output filtering for generated messages, or logging mechanisms to detect anomalous CRM data access or prompt injection attempts.
Layer 6, Security and Compliance: Not certain from the listing — the description does not detail compliance certifications (such as SOC2 or GDPR), data retention policies for synced CRM data, or role-based access controls (RBAC) for sales teams.
Layer 7, Agent Ecosystem: Not certain from the listing — the agent operates primarily as a standalone horizontal sales tool without explicit multi-agent collaboration or marketplace integrations.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification.