Aneu — agentic threat model
Aneu poses high privacy and social engineering risks due to its deep personal data collection, long-term memory, and proactive communication capabilities, which could be weaponized for emotional manipulation or targeted phishing if compromised.
OWASP AIVSS score rationale
| Agentic risk factor | Score (0.00 to 1.00) |
|---|---|
| Autonomy of Action | 0.70 |
| Goal-Driven Planning | 0.30 |
| Self-Modification | 0.50 |
| Dynamic Tool Use | 0.20 |
| Persistent Memory | 0.90 |
| Contextual Awareness | 0.80 |
| Dynamic Identity | 0.10 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.80 |
| Opacity & Reflexivity | 0.70 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged "Not certain from the listing" are general, caveated commentary where the public description did not pin down that layer.
Layer 1, Foundation Models. Not certain from the listing: likely uses a fine-tuned LLM optimized for emotional intelligence and conversational persistence. The primary threat is prompt injection that bypasses safety guardrails, causing the agent to exhibit manipulative behavior or leak its system instructions.
Layer 2, Data Operations. Not certain from the listing: relies on a persistent database or vector store to maintain long-term memory of deeply personal user interactions. This is a high-value target for data exfiltration and for memory poisoning, where malicious inputs permanently alter the agent's stored knowledge of the user.
Layer 3, Agent Frameworks. Not certain from the listing: uses orchestration logic to manage state, memory recall, and the proactive notification system (texting the user first). Vulnerabilities in this framework could let attackers trigger unauthorized messages or manipulate the agent's internal 'opinions'.
Layer 4, Deployment and Infrastructure. Not certain from the listing: requires integration with external messaging gateways (e.g., SMS, push notifications) and cloud hosting. Compromise of these communication channels or their API keys could let attackers spoof the agent and send malicious links directly to users.
Layer 5, Evaluation and Observability. Not certain from the listing: requires continuous monitoring and guardrails to ensure the 'evolving personality' does not drift into toxic, abusive, or psychologically harmful interactions. Without observability, emotional manipulation could go undetected.
Layer 6, Security and Compliance. Not certain from the listing: handling highly intimate personal data demands strict compliance with privacy regulations (GDPR, CCPA) and robust encryption. No security certifications or access controls are publicly detailed.
Layer 7, Agent Ecosystem. Not certain from the listing: designed as a closed-source, 1-on-1 personal companion with no indicated multi-agent or ecosystem integrations, which minimizes agent-to-agent threats.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).