core-data-expert — agentic threat model

AIVSS 4.6 · Medium

The core-data-expert agent operates primarily as a static code generation and architectural guidance assistant with low autonomy, presenting minimal direct operational risk unless its generated code is executed without human review.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 4.3 · AARS uplift 0.81 · Factor sum 1.5/10 · Threat ×0.95 · Mitigation ×0.9

Autonomy of Action: 0.10
Goal-Driven Planning: 0.20
Self-Modification: 0.00
Dynamic Tool Use: 0.10
Persistent Memory: 0.10
Contextual Awareness: 0.30
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.40
Opacity & Reflexivity: 0.30

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — relies on an unspecified underlying foundation model. The primary threat is model hallucination leading to insecure Swift concurrency patterns or flawed Core Data migration code that could cause data loss.

L2 · Data Operations ⚠ not certain from listing

Not certain from the listing — the agent's knowledge base appears to be static Apple documentation and Core Data best practices. Risks include outdated framework knowledge or poisoned training data regarding CloudKit sync configurations.

L3 · Agent Frameworks ✓ mapped

The agent acts as a code-generation skill. There is no evidence of active tool execution, file-system writing, or direct database manipulation capabilities, limiting framework-level execution threats.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — deployment infrastructure is not specified. If hosted as a web service, standard containerization and transport security apply; if run locally, it inherits the host user's security posture.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — there are no mentioned guardrails, output validation, or observability mechanisms to detect if the agent generates insecure or broken Core Data code.

L6 · Security & Compliance (cross-cutting) ⚠ not certain from listing

Not certain from the listing — no compliance certifications, access controls, or identity management features are described for this open-source skill.

L7 · Agent Ecosystem ✓ mapped

The agent is a single-purpose skill with no described multi-agent orchestration, marketplace integrations, or agent-to-agent communication capabilities.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).