Portkey — agentic threat model
Portkey acts as a critical AI gateway and observability proxy; while its autonomous decision-making is low, its position as a central hub routing to 250+ LLMs makes it a high-value target for API key theft and data interception.
OWASP AIVSS score rationale
| Agentic risk factor | Score | Notes |
|---|---|---|
| Autonomy of Action | 0.20 | |
| Goal-Driven Planning | 0.10 | |
| Self-Modification | 0.10 | |
| Dynamic Tool Use | 0.40 | |
| Persistent Memory | 0.20 | |
| Contextual Awareness | 0.40 | |
| Dynamic Identity | 0.30 | |
| Multi-Agent Interactions | 0.20 | |
| Non-Determinism | 0.20 | |
| Opacity & Reflexivity | 0.10 | |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
- Layer 1 (Foundation Models): Acts as a router to 250+ LLMs. While it does not train foundation models, its routing role exposes it to upstream model vulnerabilities, misaligned outputs, and model-side data exfiltration.
- Layer 2 (Data Operations): Not certain from the listing — prompt management is mentioned, but specific vector database integrations, RAG data operations, and training data lineage are not detailed.
- Layer 3 (Agent Frameworks): Provides the orchestration middleware (AI Gateway) that manages prompt templates and routes requests. Vulnerabilities here could lead to prompt injection bypasses or insecure routing configurations.
- Layer 4 (Deployment & Infrastructure): Not certain from the listing — deployment architecture, sandboxing, and secrets management for the 250+ LLM API keys are not detailed in the brief description.
- Layer 5 (Evaluation & Observability): Portkey's core strength. Provides full-stack observability with 40+ production metrics and 50+ guardrails. This mitigates blind spots and drift, though the guardrails themselves must be secured against evasion.
- Layer 6 (Security & Compliance): Explicitly features governance and 50+ guardrails to enforce compliance, policy, and secure access across LLM integrations.
- Layer 7 (Agent Ecosystem): Not certain from the listing — while it routes to multiple LLMs, specific multi-agent orchestration, agent-to-agent trust boundaries, and marketplace interactions are not detailed.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology.