AgentReadyHomeAgent Listing

← AITernet

AITernet — agentic threat model

9.5AIVSS 9.5 · Critical

AITernet operates as a highly autonomous desktop browser agent, presenting significant security risks due to its ability to execute complex web actions on behalf of the user, making it highly vulnerable to indirect prompt injection and unauthorized session exploitation.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.8AARS uplift 0.67Factor sum 5.1/10Threat ×1.1Mitigation ×1.0
Autonomy of Action
0.80
Goal-Driven Planning
0.70
Self-Modification
0.10
Dynamic Tool Use
0.80
Persistent Memory
0.30
Contextual Awareness
0.50
Dynamic Identity
0.70
Multi-Agent Interactions
0.10
Non-Determinism
0.60
Opacity & Reflexivity
0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely relies on third-party frontier models for visual and textual DOM understanding. Highly vulnerable to indirect prompt injection where malicious instructions embedded in web pages hijack the model's execution flow.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — likely processes active DOM structures, user session data, and input history. Risks include the exfiltration of sensitive user data scraped from web pages or session cookies during automated browsing.

L3 · Agent Frameworks✓ mapped

Translates natural language into browser actions (clicks, typing, navigation). Threats include tool misuse where the agent is manipulated into performing unauthorized transactions, submitting forms with malicious data, or navigating to phishing sites.

L4 · Deployment & Infrastructure✓ mapped

Deployed as a desktop application or browser extension. Threats include local privilege escalation, insecure storage of browser session tokens, and lack of sandboxing between the agent's execution environment and the host OS.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — no visible mechanisms for real-time action monitoring, transaction guardrails, or user-in-the-loop confirmation for high-risk web actions.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — lacks documented compliance with data privacy regulations (like GDPR/CCPA) regarding how user browsing data, credentials, and interaction history are handled and stored.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — primarily designed for single-user browser automation, but could interact with other web-based agents, leading to cascading trust issues if those external agents are compromised.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).