Astrix Health — agentic threat model

AIVSS 7.9 · High

Astrix Health presents a high-risk profile due to its autonomous purchasing capabilities and integration with critical healthcare infrastructure (patient flow and inventory), where compromise could lead to severe financial loss, supply chain disruption, and HIPAA data breaches.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM

CVSS base 8.5 · AARS uplift 0.85 · Factor sum 5.4/10 · Threat ×1.05 · Mitigation ×0.85

Autonomy of Action: 0.80
Goal-Driven Planning: 0.70
Self-Modification: 0.10
Dynamic Tool Use: 0.80
Persistent Memory: 0.60
Contextual Awareness: 0.80
Dynamic Identity: 0.30
Multi-Agent Interactions: 0.20
Non-Determinism: 0.60
Opacity & Reflexivity: 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — likely utilizes proprietary or commercial LLMs optimized for negotiation and analysis. Threats include prompt injection that could manipulate purchasing decisions or vendor negotiations.

L2 · Data Operations · ✓ mapped

Ingests real-time inventory, spending patterns, and patient flow data. Threats include data poisoning of inventory metrics to trigger fraudulent or excessive purchasing, and exfiltration of sensitive patient metrics.

L3 · Agent Frameworks · ✓ mapped

Orchestrates multi-step purchasing workflows and vendor comparisons. Threats include tool misuse where the agent executes unauthorized financial transactions or interacts with malicious vendor APIs.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — likely hosted in a secure cloud environment. Threats include compromise of API keys used to connect to hospital inventory databases and vendor purchasing portals.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — mentions continuous monitoring of inventory, but does not detail LLM-specific guardrails or transaction anomaly detection. Threats include blind spots in detecting rogue purchasing behavior.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

Explicitly claims HIPAA-compliant security. Threats include authorization bypasses allowing unauthorized users to trigger purchases, or accidental exposure of PHI during data processing.

L7 · Agent Ecosystem · ✓ mapped

Interacts directly with external vendor systems and potentially vendor-side automated agents. Threats include cascading supply chain failures if a connected vendor system is compromised or feeds malicious data.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).