
andAI — agentic threat model

AIVSS 6.5 · Medium

andAI presents a high-value target due to its handling of highly sensitive, pre-patent intellectual property and invention disclosures. While its agentic autonomy is bounded by human-in-the-loop legal review, a compromise of its data operations or workspace could lead to catastrophic IP leakage.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 6.8 · AARS uplift 1.28 · Factor sum 4.0/10 · Threat ×1.0 · Mitigation ×0.8

Agentic risk factors:

Autonomy of Action: 0.40
Goal-Driven Planning: 0.50
Self-Modification: 0.10
Dynamic Tool Use: 0.60
Persistent Memory: 0.30
Contextual Awareness: 0.70
Dynamic Identity: 0.10
Multi-Agent Interactions: 0.20
Non-Determinism: 0.50
Opacity & Reflexivity: 0.60

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
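The arithmetic behind the 6.5 is easy to check by hand, but a short script makes the sensitivity of the score visible: how much of the rating is CVSS, how much is agentic uplift, and how much the mitigation credit buys. The following is an added example, not code from the listing or from the AIVSS project. It uses the formula and the factor values printed above; the "unmitigated" figure is an illustrative assumption (the ×0.8 credit removed, everything else unchanged) and not a number the page states.

```python
"""Worked OWASP AIVSS computation for the andAI listing.

Formula as given on the page:
    AARS  = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM
    AIVSS = (CVSS_Base + AARS) * Mitigation_Factor
Factor values, CVSS base, threat multiplier and mitigation factor are
the ones shown on the listing; everything else here is illustration.
"""
from __future__ import annotations

# The ten agentic risk factors as scored on the listing (each 0.0-1.0).
ANDAI_FACTORS: dict[str, float] = {
    "Autonomy of Action": 0.40,
    "Goal-Driven Planning": 0.50,
    "Self-Modification": 0.10,
    "Dynamic Tool Use": 0.60,
    "Persistent Memory": 0.30,
    "Contextual Awareness": 0.70,
    "Dynamic Identity": 0.10,
    "Multi-Agent Interactions": 0.20,
    "Non-Determinism": 0.50,
    "Opacity & Reflexivity": 0.60,
}

CVSS_BASE = 6.8           # listed CVSS base
THREAT_MULTIPLIER = 1.0   # ThM, listed as ×1.0
MITIGATION_FACTOR = 0.8   # listed as ×0.8


def factor_sum(factors: dict[str, float]) -> float:
    """Sum of the agentic factors, rejecting values outside 0.0-1.0."""
    for name, value in factors.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name}: factor {value} is outside 0.0-1.0")
    return round(sum(factors.values()), 2)


def aars(cvss_base: float, factors: dict[str, float], thm: float) -> float:
    """Agentic AI Risk Score: the uplift the agentic factors add on top of CVSS.

    The (10 - CVSS_Base) term means the uplift can only fill the headroom
    left by the base score; a CVSS 10.0 finding gets no agentic uplift.
    """
    if not 0.0 <= cvss_base <= 10.0:
        raise ValueError("CVSS base must be within 0.0-10.0")
    return (10.0 - cvss_base) * (factor_sum(factors) / 10.0) * thm


def aivss(cvss_base: float, factors: dict[str, float],
          thm: float, mitigation: float) -> float:
    """Final AIVSS score: base plus uplift, scaled by the mitigation factor."""
    return (cvss_base + aars(cvss_base, factors, thm)) * mitigation


def score_andai() -> dict[str, float]:
    """Reproduce the listing's numbers and show what the mitigation credit buys."""
    uplift = aars(CVSS_BASE, ANDAI_FACTORS, THREAT_MULTIPLIER)
    return {
        "factor_sum": factor_sum(ANDAI_FACTORS),
        "aars": round(uplift, 2),
        "aivss": round(aivss(CVSS_BASE, ANDAI_FACTORS,
                             THREAT_MULTIPLIER, MITIGATION_FACTOR), 1),
        # Assumption for illustration only: same inputs with no mitigation
        # credit (factor 1.0), to show how much the ×0.8 is worth.
        "aivss_unmitigated": round(aivss(CVSS_BASE, ANDAI_FACTORS,
                                         THREAT_MULTIPLIER, 1.0), 2),
    }


if __name__ == "__main__":
    for key, value in score_andai().items():
        print(f"{key:>18}: {value}")
```

Running it reproduces the listing exactly (factor sum 4.0, AARS 1.28, AIVSS 6.5) and shows that without the mitigation credit the same inputs land at 8.08. That gap is the part of the rating that rests on the human-in-the-loop legal review actually being enforced, which is the control a reviewer of this agent would want evidence for.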

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The underlying foundation models are not specified. Threats include adversarial prompt injection designed to bypass legal guardrails or leak system prompts, and potential model misalignment leading to hallucinated prior art.

L2 · Data Operations · ✓ mapped

This is a highly critical layer, as the agent processes sensitive invention disclosures, patent claims, and global prior art. Threats include data exfiltration of pre-patent IP, and knowledge-base poisoning if the global prior art search index can be manipulated to hide or surface specific documents.

L3 · Agent Frameworks · ✓ mapped

The AI agent 'Andy' orchestrates multi-step patent tasks, including claim chart generation and office action responses. Threats include insecure tool integration with external patent databases and prompt injection manipulating the automated legal analysis.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — Specific hosting, sandboxing, and infrastructure details are omitted. Threats include unauthorized access to the collaborative workspace and container compromise that could expose active session data.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — No evaluation, guardrail, or observability frameworks are detailed. Gaps here could lead to undetected drift in legal reasoning or silent failures in prior art search completeness.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

The platform claims strict data privacy and zero-data retention policies within a secure collaborative workspace. Compliance threats involve potential retention policy failures or unauthorized access to active patent drafts, violating attorney-client privilege or IP confidentiality.

L7 · Agent Ecosystem · ⚠ not certain from listing

Not certain from the listing — The ecosystem appears limited to the internal 'Andy' agent and collaborative users. There is no explicit mention of external multi-agent marketplaces or federated agent interactions.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).