AgentReadyHome · Agent Listing


Buildwithclaude — agentic threat model

AIVSS 9.6 · Critical

Buildwithclaude acts as a massive, decentralized extension hub for Claude, introducing significant supply-chain and tool-execution risks due to its large surface area of unvetted plugins, commands, and hooks.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 8.8
AARS uplift: 0.75
Factor sum: 5.7/10
Threat multiplier (ThM): ×1.1
Mitigation factor: ×1.0

Agentic risk factors (each scored 0.0 to 1.0):
Autonomy of Action: 0.70
Goal-Driven Planning: 0.60
Self-Modification: 0.20
Dynamic Tool Use: 0.90
Persistent Memory: 0.30
Contextual Awareness: 0.50
Dynamic Identity: 0.40
Multi-Agent Interactions: 0.80
Non-Determinism: 0.70
Opacity & Reflexivity: 0.60

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
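The following Python is an added worked example, not AgentReadyHome's or OWASP's code: it carries the page's AIVSS formula through with the ten factor values listed above and checks that they reproduce the 0.75 uplift and the 9.6 score. The clamp at 10.0 and the CVSS v3 severity bands are this example's assumptions; the page only states the formula and that 9.6 is Critical.

```python
# Ten agentic risk factors exactly as the page lists them (0.0 to 1.0 each).
BUILDWITHCLAUDE_FACTORS = {
    "Autonomy of Action": 0.70,
    "Goal-Driven Planning": 0.60,
    "Self-Modification": 0.20,
    "Dynamic Tool Use": 0.90,
    "Persistent Memory": 0.30,
    "Contextual Awareness": 0.50,
    "Dynamic Identity": 0.40,
    "Multi-Agent Interactions": 0.80,
    "Non-Determinism": 0.70,
    "Opacity & Reflexivity": 0.60,
}

def aivss_score(cvss_base, factors, threat_multiplier=1.0, mitigation_factor=1.0):
    """Return (factor_sum, aars, aivss), rounded as the page displays them, using:
    AARS  = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM
    AIVSS = (CVSS_Base + AARS) * Mitigation_Factor
    """
    if not 0.0 <= cvss_base <= 10.0:
        raise ValueError("CVSS base must be within 0..10")
    if len(factors) != 10:
        raise ValueError("AIVSS expects exactly ten agentic risk factors")
    for name, value in factors.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"factor {name!r} must be within 0..1, got {value}")
    factor_sum = sum(factors.values())
    # AARS only spends the headroom the CVSS base leaves below 10, scaled by ThM.
    aars = (10.0 - cvss_base) * (factor_sum / 10.0) * threat_multiplier
    # Clamping to 10.0 is this example's assumption; the page's formula states no cap.
    aivss = min(10.0, (cvss_base + aars) * mitigation_factor)
    return round(factor_sum, 2), round(aars, 2), round(aivss, 1)

def severity(score):
    """Qualitative band; assumes CVSS v3 ranges (the page only shows 9.6 -> Critical)."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low" if score > 0.0 else "None"

if __name__ == "__main__":
    fs, aars, score = aivss_score(8.8, BUILDWITHCLAUDE_FACTORS, 1.1, 1.0)
    print(f"factor sum {fs}/10, AARS uplift {aars}, AIVSS {score} ({severity(score)})")
```

Lowering the mitigation factor is the lever the page leaves at ×1.0; rerunning with 0.5 shows how much of the Critical rating rests on the absence of any vetting or sandboxing controls.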

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models (⚠ not certain from listing)

Not certain from the listing — The hub is model-agnostic but designed to interface with Claude models. It does not specify custom foundation model training, fine-tuning, or direct model-level security controls.

L2 · Data Operations (⚠ not certain from listing)

Not certain from the listing — No specific details are provided regarding data ingestion, vector databases, or training data operations, though individual plugins may handle data independently.

L3 · Agent Frameworks (✓ mapped)

The hub integrates directly with Claude Code, Claude Desktop, Agent SDK, and OpenClaw, exposing 357 commands and 59 hooks. This massive orchestration surface area presents high risks of tool misuse, insecure tool integration, and command injection.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing — The deployment and sandboxing security depends entirely on the user's local environment (e.g., Claude Desktop or Claude Code CLI execution environment) rather than the hub itself.

L5 · Evaluation & Observability (⚠ not certain from listing)

Not certain from the listing — There are no mentioned built-in evaluation, monitoring, logging, or guardrail mechanisms to detect anomalous plugin or command behavior.

L6 · Security & Compliance (cross-cutting) (⚠ not certain from listing)

Not certain from the listing — The directory does not mention any authentication, authorization policies, or compliance frameworks governing the execution of these plugins and commands.

L7 · Agent Ecosystem (✓ mapped)

As a marketplace aggregating 234 agents and 53 plugins, this ecosystem is highly vulnerable to supply-chain attacks, rogue/compromised third-party plugins, and cascading failures across interconnected agent workflows.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).