Divorce Prediction — agentic threat model
The Divorce Prediction agent presents low agentic risk due to its lack of autonomy, planning, and tool-use capabilities; however, it carries significant privacy risks due to the highly sensitive psychological and relationship data it processes.
OWASP AIVSS score rationale
| Autonomy of Action | 0.10 | |
| Goal-Driven Planning | 0.10 | |
| Self-Modification | 0.00 | |
| Dynamic Tool Use | 0.00 | |
| Persistent Memory | 0.10 | |
| Contextual Awareness | 0.30 | |
| Dynamic Identity | 0.00 | |
| Multi-Agent Interactions | 0.00 | |
| Non-Determinism | 0.30 | |
| Opacity & Reflexivity | 0.20 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Not certain from the listing — The underlying model is likely a classification or fine-tuned LLM. Primary threats include prompt injection to manipulate prediction scores or extract system prompts, and potential bias in the training data leading to skewed relationship advice.
Not certain from the listing — The agent processes highly sensitive personal questionnaire data. The primary threat is data exfiltration or unauthorized access to user-submitted psychological profiles, as no explicit database encryption or RAG architecture is detailed.
Not certain from the listing — The agent appears to function as a simple input-output questionnaire wrapper rather than a complex agentic framework. Risks are limited to basic input validation failures and logic manipulation.
Not certain from the listing — Hosted as a web application. Standard web application vulnerabilities (e.g., cross-site scripting, insecure direct object references) could expose user session data or prediction reports.
Not certain from the listing — No observability or guardrail mechanisms are mentioned. There is a risk of generating harmful, deterministic relationship advice without safety filters to handle emotionally vulnerable users.
Not certain from the listing — Although marketed as a 'secure, private' platform, there is no mention of compliance with privacy regulations (such as GDPR or HIPAA) which are critical given the sensitive nature of relationship and psychological data.
Not certain from the listing — The agent operates as a standalone tool with no described multi-agent coordination, marketplace integrations, or external ecosystem dependencies.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).