AgentReadyHomeAgent ListingPricing

← Sendbird AI Agent

Sendbird AI Agent — agentic threat model

7.5AIVSS 7.5 · High

The Sendbird AI Agent presents a moderate-to-high risk profile due to its deep integration with enterprise CRMs, knowledge bases, and omnichannel communication vectors (SMS, WhatsApp, email), which could be abused for data exfiltration or automated phishing if compromised.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 7.5AARS uplift 1.3Factor sum 5.2/10Threat ×1.0Mitigation ×0.85
Autonomy of Action
0.70
Goal-Driven Planning
0.50
Self-Modification
0.10
Dynamic Tool Use
0.60
Persistent Memory
0.80
Contextual Awareness
0.80
Dynamic Identity
0.40
Multi-Agent Interactions
0.20
Non-Determinism
0.60
Opacity & Reflexivity
0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely utilizes third-party foundation models (e.g., OpenAI, Anthropic) or proprietary models for intent understanding. Threats include adversarial prompt injection to bypass guardrails and mis-aligned outputs.

L2 · Data Operations✓ mapped

Integrates with enterprise CRMs and knowledge bases for RAG. Threats include knowledge-base poisoning, unauthorized data exfiltration via prompt injection, and lack of data lineage controls over CRM syncs.

L3 · Agent Frameworks✓ mapped

Orchestrates multi-channel communication, tool execution (CRM/KB queries), and human handoff. Threats include insecure tool integration, memory poisoning (via malicious customer inputs), and logic flaws in handoff triggers.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — hosted as a SaaS platform with enterprise-grade security claims. Threats include container/host compromise, exposed API endpoints, and credential theft for integrated channels (WhatsApp, SMS, CRMs).

L5 · Evaluation & Observability✓ mapped

Features 'activity trails' which provide audit logs of agent actions. Threats include insufficient logging of prompt injections, blind spots in conversational drift, and lack of real-time anomaly detection.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — claims 'enterprise-grade security' but lacks specific compliance certifications (e.g., SOC2, ISO 27001) in the brief description. Threats include weak authorization controls between tenant environments and regulatory non-compliance (GDPR/CCPA) regarding customer data.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — primarily acts as a single agent interacting with humans and APIs, rather than a multi-agent ecosystem. Threats include cascading failures if integrated CRM/communication APIs experience outages.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.