Audiform — agentic threat model
Audiform presents a moderate-to-high risk profile due to its outbound voice calling capabilities, which could be weaponized for automated vishing, social engineering, or toll fraud if the agent's prompt orchestration or telephony integration is compromised.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.80 |
| Goal-Driven Planning | 0.60 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.70 |
| Persistent Memory | 0.40 |
| Contextual Awareness | 0.60 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.10 |
| Non-Determinism | 0.70 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1 (Foundation Models): Not certain from the listing — likely utilizes a combination of speech-to-text (STT), LLMs for conversational logic, and text-to-speech (TTS) models. Primary threats include voice prompt injection (VPI), where a respondent manipulates the LLM through spoken responses, and model hallucinations during live customer calls.
Layer 2 (Data Operations): Not certain from the listing — ingests, transcribes, and stores voice feedback. Key threats include unauthorized access to raw audio recordings (which may contain PII), data exfiltration from the survey database, and the absence of secure data retention policies for voice biometrics.
Layer 3 (Agent Frameworks): Not certain from the listing — orchestrates the conversational flow and survey logic. Threats include insecure tool integration with telephony APIs, allowing an attacker to hijack the agent's logic to make unauthorized outbound calls or bypass survey boundaries.
Layer 4 (Deployment & Infrastructure): Not certain from the listing — relies on telephony infrastructure (SIP/WebRTC) and cloud hosting. Threats include toll fraud, SIP registration hijacking, and insecure storage of audio files in cloud buckets without proper access controls.
Layer 5 (Evaluation & Observability): Not certain from the listing — requires real-time monitoring of call transcripts and sentiment analysis. Gaps in observability could allow malicious actors to use the conversational agent for social engineering without detection.
Layer 6 (Security & Compliance): Not certain from the listing — must adhere to strict telecommunication regulations (e.g., TCPA in the US, GDPR/CCPA for voice recording consent). Lack of explicit consent mechanisms or of secure access controls on the analytics dashboard poses compliance risks.
Layer 7 (Agent Ecosystem): Not certain from the listing — likely integrates with downstream CRM or marketing automation platforms to push survey insights. Threats include cascading trust issues, where a compromised survey agent injects malicious payloads or false data into connected enterprise systems.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
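An added example, not part of the listing or Audiform's own code, of the kind of policy gate the Layer 3, 4 and 6 threats call for: the LLM's outbound-dial tool is routed through a guard that enforces recorded consent, a deny-list of premium-rate prefixes, a local calling window and a per-number attempt cap, so a hijacked prompt cannot turn the dial tool into a toll-fraud or vishing primitive. The prefixes, phone numbers, calling window and the `dial` callback are constructed assumptions.

```python
import re
from dataclasses import dataclass, field
from datetime import datetime, time

# Constructed deny-list of premium-rate style prefixes; a real deployment
# would load this from carrier data rather than hard-code it.
DENIED_PREFIXES = ("+1900", "+1976", "+44909", "+44871")
E164 = re.compile(r"^\+[1-9]\d{7,14}$")
# Assumed TCPA-style local calling window: 08:00 to 21:00 respondent time.
CALL_WINDOW = (time(8, 0), time(21, 0))


@dataclass
class CallPolicy:
    consented: set                       # numbers with a recorded opt-in
    max_per_number: int = 2              # survey-boundary: no hammering
    attempts: dict = field(default_factory=dict)

    def check(self, number: str, local_now: datetime) -> tuple:
        """Return (allowed, reason); every denial is a loggable decision."""
        if not E164.fullmatch(number):
            return False, "invalid E.164 format"
        if number.startswith(DENIED_PREFIXES):
            return False, "denied prefix (toll-fraud guard)"
        if number not in self.consented:
            return False, "no recorded consent"
        if not CALL_WINDOW[0] <= local_now.time() < CALL_WINDOW[1]:
            return False, "outside permitted calling hours"
        if self.attempts.get(number, 0) >= self.max_per_number:
            return False, "per-number attempt limit reached"
        self.attempts[number] = self.attempts.get(number, 0) + 1
        return True, "ok"


def place_call(policy: CallPolicy, number: str, local_now: datetime, dial):
    """Gate a dial-tool request from the agent; only dial when policy allows."""
    allowed, reason = policy.check(number, local_now)
    if allowed:
        dial(number)  # assumed telephony callback (e.g. SIP/WebRTC client)
    return allowed, reason
```

Logging the `reason` on every denial also closes part of the Layer 5 observability gap, since repeated denials are a direct signal that the agent's prompt or tool calls are being steered.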