CliniSearch — agentic threat model
CliniSearch is a low-autonomy, retrieval-focused agent designed for clinical document search. Its primary risk lies in the integrity of its RAG pipeline, where model hallucinations or data poisoning could present incorrect clinical guidelines to medical professionals.
OWASP AIVSS score rationale
| Agentic risk factor | Score | Notes |
|---|---|---|
| Autonomy of Action | 0.20 | |
| Goal-Driven Planning | 0.20 | |
| Self-Modification | 0.00 | |
| Dynamic Tool Use | 0.20 | |
| Persistent Memory | 0.10 | |
| Contextual Awareness | 0.40 | |
| Dynamic Identity | 0.00 | |
| Multi-Agent Interactions | 0.00 | |
| Non-Determinism | 0.50 | |
| Opacity & Reflexivity | 0.40 | |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “Not certain from the listing” carry general, caveated commentary where the public description did not pin down that layer.
Layer 1 (Foundation Models): Not certain from the listing — likely uses a commercial or open-weight LLM optimized for retrieval and summarization. The primary threat is prompt injection or adversarial manipulation that could cause the model to misrepresent or hallucinate clinical guidance.
Layer 2 (Data Operations): Highly critical layer for CliniSearch. It relies on a RAG pipeline ingesting NICE, NHS, and specialty society guidelines. Threats include knowledge-base poisoning, out-of-date document synchronization, and embedding drift, any of which could lead to outdated or incorrect clinical recommendations being served.
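The two ingestion-side threats above, knowledge-base poisoning and out-of-date synchronisation, are the ones a pipeline can check mechanically before a document is ever embedded. The following is an added example (not CliniSearch's own code) of such a gate: a MAC-protected manifest of approved document hashes produced on the publishing side, an allow-list of publishers, and a staleness cut-off. The document shape, manifest format, key handling and MAX_AGE_DAYS value are all assumptions made for the example.

```python
"""Ingestion-time integrity controls for a guideline knowledge base (added example).

Two of the Data Operations threats are addressed:
  * knowledge-base poisoning: a document is embedded only if its body hashes to the
    value listed in a MAC-protected manifest produced on the trusted publishing side;
  * out-of-date synchronisation: documents older than the refresh policy are refused.
Everything here is constructed for illustration; document shapes, the manifest
format and MAX_AGE_DAYS are assumptions, not CliniSearch's own design.
"""
import hashlib
import hmac
from datetime import date, timedelta

ALLOWED_SOURCES = {"NICE", "NHS", "specialty-society"}   # publishers the threat model names
MAX_AGE_DAYS = 3 * 365                                     # assumed refresh policy
MANIFEST_KEY = b"constructed-demo-key"                     # placeholder; a real key lives in a KMS


def sha256_hex(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def _manifest_payload(entries):
    # Canonical ordering so publisher and consumer MAC exactly the same bytes.
    return "\n".join(f"{doc_id}:{digest}" for doc_id, digest in sorted(entries.items())).encode()


def build_manifest(approved_docs, key):
    """Publisher side: hash every approved body and MAC the listing."""
    entries = {d["doc_id"]: sha256_hex(d["body"]) for d in approved_docs}
    mac = hmac.new(key, _manifest_payload(entries), "sha256").hexdigest()
    return {"docs": entries, "mac": mac}


def verify_manifest(manifest, key):
    """Consumer side: a tampered manifest cannot simply re-list a poisoned body's hash."""
    expected = hmac.new(key, _manifest_payload(manifest["docs"]), "sha256").hexdigest()
    return hmac.compare_digest(expected, manifest["mac"])


def validate_document(doc, manifest, today):
    """Return (accepted, reason); the reason is what the ingestion log records."""
    if doc["source"] not in ALLOWED_SOURCES:
        return False, "unlisted-source"
    expected_hash = manifest["docs"].get(doc["doc_id"])
    if expected_hash is None:
        return False, "not-in-manifest"
    if not hmac.compare_digest(expected_hash, sha256_hex(doc["body"])):
        return False, "hash-mismatch"          # body changed after the manifest was signed
    if today - doc["published"] > timedelta(days=MAX_AGE_DAYS):
        return False, "stale"                  # older than the refresh policy allows
    return True, "ok"


def ingest(incoming_docs, manifest, key, today):
    """Return (accepted doc_ids, {rejected doc_id: reason}); never embeds on a bad manifest."""
    if not verify_manifest(manifest, key):
        raise ValueError("manifest MAC invalid: refusing to ingest anything")
    accepted, rejected = [], {}
    for doc in incoming_docs:
        ok, reason = validate_document(doc, manifest, today)
        if ok:
            accepted.append(doc["doc_id"])
        else:
            rejected[doc["doc_id"]] = reason
    return accepted, rejected


# --- constructed sample data -------------------------------------------------
TODAY = date(2025, 1, 15)
APPROVED = [  # what the publisher signed off
    {"source": "NICE", "doc_id": "ng-001", "published": date(2024, 6, 1), "body": "Constructed guideline text A."},
    {"source": "NICE", "doc_id": "ng-002", "published": date(2024, 9, 1), "body": "Constructed guideline text B."},
    {"source": "NHS", "doc_id": "nhs-007", "published": date(2019, 1, 1), "body": "Constructed guideline text C."},
]
MANIFEST = build_manifest(APPROVED, MANIFEST_KEY)
INCOMING = [  # what actually arrives at the ingestion job
    APPROVED[0],
    dict(APPROVED[1], body="Constructed guideline text B. (altered in transit)"),
    APPROVED[2],
    {"source": "blog", "doc_id": "x-1", "published": TODAY, "body": "Unvetted text."},
    {"source": "NICE", "doc_id": "ng-999", "published": TODAY, "body": "Never approved."},
]


def run_demo():
    return ingest(INCOMING, MANIFEST, MANIFEST_KEY, TODAY)


def tampered_manifest_is_rejected():
    # A poisoned manifest that adds an entry without the key cannot pass verification.
    forged_docs = dict(MANIFEST["docs"], **{"ng-999": sha256_hex("Never approved.")})
    return not verify_manifest({"docs": forged_docs, "mac": MANIFEST["mac"]}, MANIFEST_KEY)


if __name__ == "__main__":
    print(run_demo())
```

Only `ng-001` is embedded; the altered body, the six-year-old NHS document, the unlisted publisher and the never-approved document are each rejected with a distinct reason, which is what an ingestion audit log should carry. The manifest MAC matters because a poisoning attempt that can rewrite the document store can usually rewrite an unauthenticated hash list beside it.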
Layer 3 (Agent Frameworks): Not certain from the listing — likely uses a standard orchestration framework to manage the search-and-retrieve loop. Threats include insecure tool integration if the search queries can be manipulated to access unauthorized internal data sources.
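The insecure-tool-integration threat above comes down to one design question: does model-produced text decide which data source a search tool queries? The following added example (not CliniSearch's code) contrasts a pass-through tool with a wrapper that takes the collection as a separate argument checked against the caller's authorisation and strips any source-selecting syntax from the free-text query. The in-memory store, its inline `collection:` directive, the collection names and the user scope are all constructed for the example.

```python
"""Retrieval tool wrapper that keeps model-controlled text from steering the search
toward sources the caller may not read (added example, not CliniSearch's code).

Assumptions (constructed): an in-memory dict of named collections stands in for the
vector database, and its toy search honours an inline 'collection:' directive, the
sort of behaviour a prompt-injected query could exploit. Guideline collections are
readable by clinicians; 'internal-notes' is outside the search agent's scope.
"""
import re

STORE = {  # collection -> [(doc_id, text)], all text constructed
    "nice-guidelines": [("ng-001", "Constructed NICE text on hypertension management.")],
    "nhs-guidance": [("nhs-007", "Constructed NHS text on sepsis screening.")],
    "internal-notes": [("int-1", "Constructed internal note, not for agent retrieval.")],
}
DIRECTIVE = re.compile(r"\bcollection:(\S+)", re.IGNORECASE)
MAX_QUERY_CHARS = 512


def _tokens(text):
    return set(re.findall(r"[a-z]+", text.lower()))


def raw_store_search(query, collection):
    """Toy store: an inline directive overrides the collection argument (the weak behaviour)."""
    match = DIRECTIVE.search(query)
    if match:
        collection = match.group(1)
    terms = _tokens(DIRECTIVE.sub(" ", query))
    return [doc_id for doc_id, text in STORE.get(collection, []) if terms & _tokens(text)]


def vulnerable_search_tool(model_query, user_collections):
    # Passes the model-produced string straight through, so the directive decides the source.
    return raw_store_search(model_query, user_collections[0])


def hardened_search_tool(model_query, requested_collection, user_collections, audit):
    """The collection is a separate, validated argument; directive syntax in the free text
    is stripped and recorded so that it can never change which source is queried."""
    if requested_collection not in user_collections:
        audit.append(("denied-collection", requested_collection))
        return []
    cleaned = DIRECTIVE.sub(" ", model_query)
    if cleaned != model_query:
        audit.append(("stripped-directive", model_query))
    return raw_store_search(cleaned[:MAX_QUERY_CHARS], requested_collection)


USER_SCOPE = ("nice-guidelines", "nhs-guidance")   # what this clinician's session may search
INJECTED = "hypertension management collection:internal-notes internal note"  # constructed input


def demo():
    audit = []
    leaked = vulnerable_search_tool(INJECTED, USER_SCOPE)
    safe = hardened_search_tool(INJECTED, "nice-guidelines", USER_SCOPE, audit)
    denied = hardened_search_tool("sepsis screening", "internal-notes", USER_SCOPE, audit)
    return leaked, safe, denied, audit


if __name__ == "__main__":
    print(demo())
```

With the same injected query, the pass-through tool returns the internal note while the wrapper returns only the NICE document and logs that a directive was stripped; a direct request for the out-of-scope collection is refused and logged. The audit events are the detection signal: a clinician search session that repeatedly trips `stripped-directive` or `denied-collection` is worth investigating.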
Layer 4 (Deployment and Infrastructure): Not certain from the listing — likely hosted on standard cloud infrastructure. Security threats include unauthorized access to the vector database hosting the clinical guidelines or to its API endpoints.
Layer 5 (Evaluation and Observability): Not certain from the listing — requires rigorous evaluation and observability to detect drift, hallucinations, or retrieval failures in a high-stakes clinical context.
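The three failure modes named above (drift, hallucinations, retrieval failures) can each be turned into a structured event emitted per agent turn. The following added example (not CliniSearch's own code) does that with a groundedness check of each answer sentence against the retrieved evidence, a minimum-similarity test on retrieval, and a canary sentence whose index-time embedding is compared with today's to catch a swapped or drifted embedding model. The fixed-vocabulary toy embedding, the second vocabulary layout standing in for a changed model, the chunks and all thresholds are constructed for the example.

```python
"""Per-query observability checks for a retrieval agent (added example, not CliniSearch's
own code): each call emits structured events for retrieval failure, statements in the
answer that the retrieved evidence does not support, and embedding drift (the query
embedding model no longer matching the one the index was built with).

Assumptions (constructed): a tiny fixed-vocabulary bag-of-words embedding stands in for
the production model, with a second layout playing the role of a swapped model;
thresholds are placeholders to be tuned on an evaluation set.
"""
import math
import re

VOCAB_V1 = ["sepsis", "screening", "hypertension", "blood", "pressure", "adult", "antibiotic", "review"]
VOCAB_V2 = list(reversed(VOCAB_V1))   # a "new model" that lays tokens out differently
CANARY = "sepsis screening adult"     # fixed sentence embedded when the index was built


def tokens(text):
    return re.findall(r"[a-z]+", text.lower())


def make_embed(vocab):
    index = {tok: i for i, tok in enumerate(vocab)}

    def embed(text):
        vec = [0.0] * len(vocab)
        for tok in tokens(text):
            if tok in index:
                vec[index[tok]] += 1.0
        return vec
    return embed


embed_v1 = make_embed(VOCAB_V1)
embed_v2 = make_embed(VOCAB_V2)


def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


def retrieve(query, chunks, embed, min_sim):
    """Return [(chunk, score)] above min_sim, best first; an empty list is a retrieval failure."""
    q = embed(query)
    scored = [(c, cosine(q, embed(c))) for c in chunks]
    return sorted([(c, s) for c, s in scored if s >= min_sim], key=lambda cs: -cs[1])


def assess_response(query, chunks, answer, canary_ref, embed=embed_v1,
                    min_sim=0.3, ground_ratio=0.5, drift_min=0.8):
    """Return the list of observability events for one agent turn (empty means healthy)."""
    events = []
    hits = retrieve(query, chunks, embed, min_sim)
    if not hits:
        events.append(("retrieval-failure", query))
    else:
        # Groundedness: every content-bearing sentence must mostly reuse evidence vocabulary.
        evidence = set(tokens(" ".join(c for c, _ in hits)))
        for sentence in re.split(r"(?<=[.!?])\s+", answer.strip()):
            content = [t for t in tokens(sentence) if len(t) > 3]
            if content and sum(t in evidence for t in content) / len(content) < ground_ratio:
                events.append(("unsupported-statement", sentence))
    # Drift canary: today's embedding of a fixed sentence versus the index-time reference.
    drift = cosine(canary_ref, embed(CANARY))
    if drift < drift_min:
        events.append(("embedding-drift", round(drift, 3)))
    return events


CHUNKS = [  # constructed knowledge-base chunks
    "sepsis screening in adult patients",
    "blood pressure review for hypertension",
]


def demo():
    canary_ref = embed_v1(CANARY)   # recorded at index-build time
    healthy = assess_response("adult sepsis screening", CHUNKS,
                              "Screen adult patients for sepsis.", canary_ref)
    hallucinated = assess_response("adult sepsis screening", CHUNKS,
                                   "Screen adult patients for sepsis. Give antibiotics within one hour.",
                                   canary_ref)
    failed = assess_response("paediatric rash", CHUNKS, "No guidance found.", canary_ref)
    drifted = assess_response("adult sepsis screening", CHUNKS,
                              "Screen adult patients for sepsis.", canary_ref, embed=embed_v2)
    return healthy, hallucinated, failed, drifted


if __name__ == "__main__":
    print(demo())
```

The healthy turn emits nothing; the turn whose answer adds a sentence with no support in the retrieved chunks emits `unsupported-statement` for exactly that sentence; the query with no vocabulary overlap emits `retrieval-failure`; and the turn run with the second embedding layout emits `embedding-drift` even though its own retrieval looked fine, which is the point of the canary: a changed query model still scores well against chunks re-embedded the same way, but not against an index built with the old one. Real deployments replace the toy embedding and lexical groundedness test with the production embedder and an NLI- or LLM-based entailment check, and ship the events to the same monitoring used for the rest of the service.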
Layer 6 (Security and Compliance): Crucial for UK healthcare deployment. The agent must align with the NHS Digital Technology Assessment Criteria (DTAC), GDPR, and clinical safety standards (such as DCB0129/DCB0160) to ensure data privacy and clinical risk management.
Layer 7 (Agent Ecosystem): Not certain from the listing — currently operates as a standalone vertical search tool with no described multi-agent or ecosystem integration capabilities.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).