My STEM Resume — agentic threat model
My STEM Resume exhibits low agentic autonomy but poses moderate-to-high security risks due to its handling of sensitive PII and its direct pipeline to 500+ recruiters, making it an attractive target for data harvesting and downstream supply-chain attacks.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.40 |
| Goal-Driven Planning | 0.20 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.30 |
| Persistent Memory | 0.50 |
| Contextual Awareness | 0.40 |
| Dynamic Identity | 0.00 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.20 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1 (Foundation Models): Not certain from the listing — likely utilizes commercial LLMs for resume generation and ATS optimization. Primary threats include prompt injection to bypass premium features or generate fraudulent credentials, and potential leakage of user PII through model training APIs.
Layer 2 (Data Operations): Not certain from the listing — stores user profiles, resumes, and recruiter contact details. Threats include unauthorized access to the vector/relational database containing sensitive PII, and data exfiltration of candidate work histories.
Layer 3 (Agent Frameworks): Not certain from the listing — likely uses basic orchestration to parse resumes and match them to job descriptions. Threats include insecure tool integration, particularly if the PDF generation or parsing libraries are vulnerable to remote code execution (RCE) via malicious resume uploads.
Layer 4 (Deployment and Infrastructure): Not certain from the listing — hosted as a closed-source web application. Threats include standard web application vulnerabilities (OWASP Top 10), lack of tenant isolation, and insecure storage of API keys used to connect to job boards.
Layer 5 (Evaluation and Observability): Not certain from the listing — no mention of output monitoring or content guardrails. Threats include a lack of observability into generated resume quality, allowing the system to output hallucinated or plagiarized content without detection.
Layer 6 (Security and Compliance): Not certain from the listing — handles highly sensitive PII (names, contact info, employment history) but does not list compliance certifications like GDPR, CCPA, or SOC 2. Threats include regulatory non-compliance and lack of audit trails for resume distribution.
Layer 7 (Agent Ecosystem): Not certain from the listing — connects directly to a database of 500+ recruiters. The primary threat is ecosystem trust abuse, where an attacker uploads a resume containing malicious payloads (e.g., PDF exploits) that are automatically distributed to external recruiter systems.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification.