Amplemarket — agentic threat model
Amplemarket presents a moderate-to-high agentic risk due to its deep integration with communication channels (Email, LinkedIn) and CRMs, where compromised credentials or prompt injection could lead to automated social engineering, spamming, and data exfiltration.
OWASP AIVSS score rationale
| Agentic risk factor | Value |
| --- | --- |
| Autonomy of Action | 0.70 |
| Goal-Driven Planning | 0.60 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.70 |
| Persistent Memory | 0.60 |
| Contextual Awareness | 0.60 |
| Dynamic Identity | 0.50 |
| Multi-Agent Interactions | 0.10 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Not certain from the listing — likely utilizes third-party LLMs or proprietary NLP models for generating outreach emails and insights. Primary threats include prompt injection leading to the generation of malicious or highly inappropriate emails, and model misalignment.
Layer 2, Data Operations: Not certain from the listing — ingests and processes large volumes of B2B contact data, calendar events, and buying intent signals. Risks include data poisoning of lead databases, embedding inversion, and unauthorized exfiltration of sensitive CRM data.
Layer 3, Agent Frameworks: Not certain from the listing — orchestrates multi-channel outreach and data enrichment workflows. Vulnerabilities could involve insecure tool integration with email and LinkedIn APIs, potentially allowing unauthorized message dispatch or calendar manipulation.
Layer 4, Deployment and Infrastructure: Not certain from the listing — hosted as a closed-source SaaS platform. Key threats include the exposure of integrated CRM/email API keys and credentials stored within the infrastructure, as well as standard cloud hosting vulnerabilities.
Layer 5, Evaluation and Observability: Not certain from the listing — likely monitors email deliverability and campaign metrics, but AI-specific guardrails to prevent toxic or deceptive outreach generation are not detailed.
Layer 6, Security and Compliance: Not certain from the listing — handles extensive PII for B2B prospecting, requiring strict compliance with GDPR/CCPA. Requires robust OAuth mechanisms and role-based access controls to protect connected sales accounts.
Layer 7, Agent Ecosystem: Not certain from the listing — operates primarily as a single-platform solution interacting with external APIs (LinkedIn, CRMs) rather than a multi-agent ecosystem. Risks are centered on API rate-limiting, account suspension, or cascading failures across connected platforms.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).