Clockwise — agentic threat model

AIVSS 8.7 · High

Clockwise presents a moderate-to-high risk profile due to its direct write-access to corporate calendar systems, which could be abused for data exfiltration, social engineering, or organizational disruption if compromised.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 7.5 · AARS uplift 1.2 · Factor sum 4.8/10 · Threat ×1.0 · Mitigation ×1.0
Autonomy of Action: 0.70
Goal-Driven Planning: 0.50
Self-Modification: 0.10
Dynamic Tool Use: 0.60
Persistent Memory: 0.60
Contextual Awareness: 0.70
Dynamic Identity: 0.30
Multi-Agent Interactions: 0.30
Non-Determinism: 0.50
Opacity & Reflexivity: 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The specific foundation models powering Clockwise's scheduling intelligence are not disclosed, leaving potential exposure to model-specific adversarial prompt injection or output manipulation unverified.

L2 · Data Operations · ✓ mapped

Clockwise ingests highly sensitive calendar data, user preferences, and organizational work patterns. Threats include unauthorized data exfiltration of meeting details and calendar poisoning where malicious invites manipulate the optimization engine.

L3 · Agent Frameworks · ✓ mapped

The agent framework orchestrates calendar modifications and conflict resolution. Insecure tool integration with calendar APIs (e.g., Google Calendar, Microsoft Outlook) could allow unauthorized meeting deletions, modifications, or spamming of invites.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — The deployment architecture, hosting environment, and secrets management for OAuth tokens are not detailed, presenting risks of credential theft or container compromise if not properly sandboxed.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — There is no mention of real-time guardrails, drift detection, or logging mechanisms to monitor and audit the AI's scheduling decisions for anomalous behavior.

L6 · Security & Compliance (cross-cutting) · ⚠ not certain from listing

Not certain from the listing — While operating as a closed-source freemium business tool, the listing does not explicitly cite compliance certifications (such as SOC 2) or specific identity governance policies.

L7 · Agent Ecosystem · ⚠ not certain from listing

Not certain from the listing — Although Clockwise coordinates schedules across teams and organizations, it is unclear if it utilizes autonomous multi-agent negotiation protocols that could be vulnerable to cascading scheduling failures or trust abuse.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).