AgentReadyHomeAgent Listing

← AI Humanizer Pro

AI Humanizer Pro — agentic threat model

5.3AIVSS 5.3 · Medium

AI Humanizer Pro is a low-risk, utility-focused NLP tool with minimal agentic autonomy, primarily posing risks related to data privacy of uploaded documents and prompt injection rather than systemic or operational compromise.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 4.3AARS uplift 0.97Factor sum 1.8/10Threat ×0.95Mitigation ×1.0
Autonomy of Action
0.10
Goal-Driven Planning
0.10
Self-Modification
0.00
Dynamic Tool Use
0.20
Persistent Memory
0.10
Contextual Awareness
0.30
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.60
Opacity & Reflexivity
0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely relies on a fine-tuned LLM or proprietary NLP model for paraphrasing. It is vulnerable to prompt injection attacks that could bypass style constraints or leak system instructions.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — processes user-uploaded TXT, PDF, and DOCX files. Main threats include data leakage of sensitive document contents and potential data retention/privacy policy gaps regarding user inputs.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — likely uses a simple sequential pipeline rather than a complex agent framework. The primary risk is insecure integration with external AI-detection APIs during multi-detector testing.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — hosted web application. Risks include standard web application vulnerabilities and potential server-side exploits when parsing complex document formats like PDF and DOCX.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — features 'multi-detector testing' for output evaluation, but lacks visible security monitoring, input/output guardrails, or abuse detection mechanisms.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — closed-source freemium tool with no mentioned security certifications (e.g., SOC2, GDPR compliance), presenting potential compliance risks for professional or academic users uploading proprietary data.

L7 · Agent Ecosystem✓ mapped

The agent operates as a standalone horizontal utility with no multi-agent or marketplace integrations described, minimizing ecosystem-level cascading risks.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).