AgentReadyHomeAgent Listing

← Dhisana AI

Dhisana AI — agentic threat model

9.5AIVSS 9.5 · Critical

Dhisana AI presents a high agentic risk profile due to its deep integration across the GTM stack (CRM, email, customer data) and its multi-agent orchestration of the sales funnel. A compromise could lead to widespread data exfiltration, pipeline manipulation, and unauthorized external communications.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.5AARS uplift 0.99Factor sum 6.3/10Threat ×1.05Mitigation ×1.0
Autonomy of Action
0.70
Goal-Driven Planning
0.80
Self-Modification
0.20
Dynamic Tool Use
0.80
Persistent Memory
0.70
Contextual Awareness
0.80
Dynamic Identity
0.40
Multi-Agent Interactions
0.60
Non-Determinism
0.70
Opacity & Reflexivity
0.60

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely relies on commercial LLMs (like OpenAI or Anthropic) for personalized outreach and call coaching. Threats include prompt injection leading to inappropriate outreach generation or model reprogramming.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — ingests CRM data, call transcripts, and GTM stack data to build briefs and predict churn. Threats include data poisoning of forecasting models and exfiltration of sensitive customer PII.

L3 · Agent Frameworks✓ mapped

Dhisana AI orchestrates complex agentic workflows across multiple sales roles (SDR, AE, CS, RevOps). Threats include insecure tool integration with GTM stacks and tool misuse, such as sending unauthorized emails or corrupting CRM data.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — closed-source SaaS hosting. Threats include container compromise or credential theft of integrated GTM API keys stored in the infrastructure.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — no mention of guardrails or monitoring for generated outreach or coaching. Threats include drift in forecasting models and unmonitored toxic/hallucinated outreach.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — no explicit security certifications (like SOC2) or RBAC detailed for the GTM integrations. Threats include unauthorized access to unified revenue data.

L7 · Agent Ecosystem✓ mapped

Operates as a multi-agent system (SDR, AE, CS, RevOps) interacting across the GTM stack. Threats include cascading failures where a compromised SDR agent poisons the pipeline data used by the CRO forecasting agent.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).