AgentReadyHomeAgent ListingPricing

← Palmier Pro

Palmier Pro — agentic threat model

8.1AIVSS 8.1 · High

Palmier Pro presents a unique risk profile by exposing a local HTTP MCP server on macOS, potentially allowing external tools or malicious local processes to manipulate the video editor and local files. Its integration with external developer agents increases the attack surface for prompt injection and unauthorized local tool execution.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 7.5AARS uplift 0.98Factor sum 3.9/10Threat ×1.0Mitigation ×0.95
Autonomy of Action
0.40
Goal-Driven Planning
0.30
Self-Modification
0.10
Dynamic Tool Use
0.60
Persistent Memory
0.20
Contextual Awareness
0.50
Dynamic Identity
0.10
Multi-Agent Interactions
0.70
Non-Determinism
0.60
Opacity & Reflexivity
0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models✓ mapped

Uses external generative models (Seedance, Kling, Nano Banana Pro) for video and image generation, exposing the application to model-specific risks like adversarial inputs, unexpected/offensive outputs, and API dependency vulnerabilities.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — details on vector databases, RAG, or training data operations are not specified. The app primarily processes local video/image assets and timeline data.

L3 · Agent Frameworks✓ mapped

Orchestrates workflows by exposing an MCP (Model Context Protocol) server, allowing external assistant frameworks to interact with the application's timeline and editing features.

L4 · Deployment & Infrastructure✓ mapped

Runs locally as a native Swift macOS application on Apple Silicon. It exposes a local HTTP endpoint when open, which introduces risks of local port binding vulnerabilities, DNS rebinding, or unauthorized local cross-origin requests.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — no explicit evaluation, logging, or guardrail mechanisms are described to monitor the inputs/outputs of the generative models or the MCP server commands.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — no explicit authentication, authorization, or compliance frameworks are detailed for securing the local HTTP endpoint or restricting access to the MCP server.

L7 · Agent Ecosystem✓ mapped

Actively participates in a multi-agent ecosystem by integrating with external developer agents (Claude Code, Cursor, Claude Desktop) via MCP, creating a trust boundary where compromised external agents could execute unauthorized actions within the editor.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.