AgentReadyHomeAgent Listing

← Divorce Prediction

Divorce Prediction — agentic threat model

6.2AIVSS 6.2 · Medium

The Divorce Prediction agent presents low agentic risk due to its lack of autonomy, planning, and tool-use capabilities; however, it carries significant privacy risks due to the highly sensitive psychological and relationship data it processes.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 6.1AARS uplift 0.41Factor sum 1.1/10Threat ×0.95Mitigation ×0.95
Autonomy of Action
0.10
Goal-Driven Planning
0.10
Self-Modification
0.00
Dynamic Tool Use
0.00
Persistent Memory
0.10
Contextual Awareness
0.30
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.30
Opacity & Reflexivity
0.20

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — The underlying model is likely a classification or fine-tuned LLM. Primary threats include prompt injection to manipulate prediction scores or extract system prompts, and potential bias in the training data leading to skewed relationship advice.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — The agent processes highly sensitive personal questionnaire data. The primary threat is data exfiltration or unauthorized access to user-submitted psychological profiles, as no explicit database encryption or RAG architecture is detailed.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — The agent appears to function as a simple input-output questionnaire wrapper rather than a complex agentic framework. Risks are limited to basic input validation failures and logic manipulation.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — Hosted as a web application. Standard web application vulnerabilities (e.g., cross-site scripting, insecure direct object references) could expose user session data or prediction reports.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — No observability or guardrail mechanisms are mentioned. There is a risk of generating harmful, deterministic relationship advice without safety filters to handle emotionally vulnerable users.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — Although marketed as a 'secure, private' platform, there is no mention of compliance with privacy regulations (such as GDPR or HIPAA) which are critical given the sensitive nature of relationship and psychological data.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — The agent operates as a standalone tool with no described multi-agent coordination, marketplace integrations, or external ecosystem dependencies.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).