AgentReadyHomeAgent Listing

← AI 3D World

AI 3D World — agentic threat model

5.6AIVSS 5.6 · Medium

AI 3D World is a generative text-to-3D tool with low agentic risk, primarily presenting risks related to resource abuse (GPU rendering), content moderation bypass, and intellectual property/data provenance.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 4.3AARS uplift 1.25Factor sum 2.2/10Threat ×1.0Mitigation ×1.0
Autonomy of Action
0.20
Goal-Driven Planning
0.10
Self-Modification
0.00
Dynamic Tool Use
0.10
Persistent Memory
0.10
Contextual Awareness
0.20
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.70
Opacity & Reflexivity
0.80

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — The underlying text-to-3D foundation models are undisclosed. Primary threats include adversarial prompt injection to bypass generation safety filters, model stealing of proprietary weights, and potential output misalignment.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — The training datasets and 3D asset pipelines are not described. Risks include data poisoning of the 3D asset library and intellectual property/copyright infringement of generated 3D models.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — The orchestration framework for translating text to 3D environments is opaque. Threats are likely limited to prompt injection and unexpected generation behaviors rather than tool misuse.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — Hosting and rendering infrastructure are undisclosed. High-performance GPU rendering environments are attractive targets for resource theft (e.g., crypto-mining) and denial of service.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — No observability, logging, or content moderation guardrails are mentioned. There is a risk of users generating offensive, unsafe, or copyrighted 3D assets without detection.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — The service is closed-source and paid, but no compliance standards (e.g., SOC2, GDPR) or specific access controls are detailed.

L7 · Agent Ecosystem✓ mapped

The agent operates as a standalone generator with no multi-agent coordination, marketplace integrations, or agent-to-agent communication described.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).