Cust — agentic threat model

AIVSS 8.4 · High

Cust is an autonomous customer success agent with high autonomy and persistent memory designed to proactively interact with and influence customers, presenting risks of unauthorized communication, social engineering, and customer data exposure if compromised.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 6.5 · AARS uplift 1.85 · Factor sum 5.3/10 · Threat ×1.0 · Mitigation ×1.0

Autonomy of Action: 0.80
Goal-Driven Planning: 0.70
Self-Modification: 0.10
Dynamic Tool Use: 0.50
Persistent Memory: 0.80
Contextual Awareness: 0.80
Dynamic Identity: 0.20
Multi-Agent Interactions: 0.10
Non-Determinism: 0.70
Opacity & Reflexivity: 0.60

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — The underlying foundation models are not specified. Standard risks include prompt injection leading to unauthorized customer interactions or misaligned outputs during proactive outreach.

L2 · Data Operations ⚠ not certain from listing

Not certain from the listing — The agent gathers customer insights and builds personalized plans, implying access to customer databases or CRM systems. This creates risks of data exfiltration, knowledge-base poisoning, or unauthorized access to sensitive customer profiles.

L3 · Agent Frameworks ⚠ not certain from listing

Not certain from the listing — The orchestration framework is unspecified. However, the agent's ability to proactively contact customers and influence decisions suggests tool integration with email or messaging APIs, raising risks of tool misuse and unauthorized message generation.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — The deployment infrastructure is not described. As a closed-source, paid technology platform, it likely runs as a SaaS, requiring secure tenant isolation, secrets management for CRM integrations, and robust API security.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — No evaluation, monitoring, or guardrail mechanisms are mentioned. Proactive customer-facing agents require strict output filtering and drift detection to prevent reputational damage or rogue commitments.

L6 · Security & Compliance (cross-cutting) ⚠ not certain from listing

Not certain from the listing — Compliance certifications (such as SOC 2 or GDPR) are not cited. Handling customer journey data and proactive outreach requires strict adherence to privacy regulations and robust access controls.

L7 · Agent Ecosystem ⚠ not certain from listing

Not certain from the listing — There is no mention of multi-agent collaboration or ecosystem integrations beyond standard customer success workflows.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).