Astrix Health — agentic threat model
Astrix Health presents a high-risk profile due to its autonomous purchasing capabilities and integration with critical healthcare infrastructure (patient flow and inventory), where compromise could lead to severe financial loss, supply chain disruption, and HIPAA data breaches.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.80 |
| Goal-Driven Planning | 0.70 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.80 |
| Persistent Memory | 0.60 |
| Contextual Awareness | 0.80 |
| Dynamic Identity | 0.30 |
| Multi-Agent Interactions | 0.20 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1 (Foundation Models): Not certain from the listing — likely utilizes proprietary or commercial LLMs optimized for negotiation and analysis. Threats include prompt injection that could manipulate purchasing decisions or vendor negotiations.
Layer 2 (Data Operations): Ingests real-time inventory, spending patterns, and patient flow data. Threats include data poisoning of inventory metrics to trigger fraudulent or excessive purchasing, and exfiltration of sensitive patient metrics.
Layer 3 (Agent Frameworks): Orchestrates multi-step purchasing workflows and vendor comparisons. Threats include tool misuse where the agent executes unauthorized financial transactions or interacts with malicious vendor APIs.
Layer 4 (Deployment and Infrastructure): Not certain from the listing — likely hosted in a secure cloud environment. Threats include compromise of API keys used to connect to hospital inventory databases and vendor purchasing portals.
Layer 5 (Evaluation and Observability): Not certain from the listing — mentions continuous monitoring of inventory, but does not detail LLM-specific guardrails or transaction anomaly detection. Threats include blind spots in detecting rogue purchasing behavior.
Layer 6 (Security and Compliance): Explicitly claims HIPAA-compliant security. Threats include authorization bypasses allowing unauthorized users to trigger purchases, or accidental exposure of PHI during data processing.
Layer 7 (Agent Ecosystem): Interacts directly with external vendor systems and potentially vendor-side automated agents. Threats include cascading supply chain failures if a connected vendor system is compromised or feeds malicious data.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).