AgentReadyHomeAgent ListingPricing

← Windy

Windy — agentic threat model

9.2AIVSS 9.2 · Critical

Windy presents a high-risk profile due to its deep integration with corporate productivity tools and its access to sensitive HR, performance, and feedback data, where compromise could lead to widespread PII exposure or manipulated organizational decisions.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.5AARS uplift 0.72Factor sum 4.6/10Threat ×1.05Mitigation ×1.0
Autonomy of Action
0.60
Goal-Driven Planning
0.50
Self-Modification
0.10
Dynamic Tool Use
0.60
Persistent Memory
0.70
Contextual Awareness
0.70
Dynamic Identity
0.20
Multi-Agent Interactions
0.10
Non-Determinism
0.50
Opacity & Reflexivity
0.60

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely utilizes commercial LLMs to generate feedback and synthesize performance insights. Threats include prompt injection that could bias employee evaluations or leak sensitive organizational data.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — requires ingestion of workflow data, accomplishments, and feedback into a persistent store. Threats include data poisoning of performance metrics and unauthorized exfiltration of sensitive employee PII.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — orchestrates actions across productivity tools to gather insights. Threats include insecure tool integration leading to unauthorized API execution in connected platforms like Slack or Jira.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — hosted as a closed-source SaaS platform. Threats include compromise of OAuth tokens and API secrets used to authenticate into the customer's productivity suite.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — no mention of guardrails or evaluation frameworks. Threats include drift in automated feedback quality and lack of observability into how performance insights are derived.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — handles highly sensitive HR data but lacks explicit mention of compliance standards (e.g., GDPR, SOC2). Threats include regulatory non-compliance regarding automated employee monitoring and decision-making.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — primarily functions as a standalone agent integrating with APIs, but risks cascading failures if connected third-party workspace bots are compromised.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.