Embeddable — agentic threat model
Embeddable presents a significant supply-chain risk because it generates native, non-iframe client-side code integrated with third-party CRMs and databases. A compromise or prompt injection vulnerability could allow attackers to inject malicious scripts (XSS) directly into client websites.
OWASP AIVSS score rationale
| Agentic risk factor | Value |
| --- | --- |
| Autonomy of Action | 0.30 |
| Goal-Driven Planning | 0.20 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.50 |
| Persistent Memory | 0.20 |
| Contextual Awareness | 0.40 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.10 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.30 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “Not certain from the listing” carry general, caveated commentary because the public description did not pin down that layer.
Not certain from the listing — the specific LLMs used for the prompt-guided builder are not disclosed. Potential threats include prompt injection leading to malicious code generation (XSS) in the generated embeds.
Not certain from the listing — details on how user prompts, templates, and integration data (CRM, Airtable) are stored or processed are omitted. Risk of data exfiltration or leakage of sensitive CRM data via the generated embeds.
The orchestration involves translating user prompts into native code/logic flows and connecting them to integrations (Sheets, CRM). Threat: Insecure tool integration or prompt injection bypassing logic flows to execute unauthorized API calls.
Not certain from the listing — hosting of the builder platform and the script delivery network is unspecified. Threat: Compromise of the script hosting infrastructure could lead to a massive supply-chain attack on all embedded sites.
Not certain from the listing — no mention of guardrails or monitoring for the generated code. Threat: Lack of validation allows the generation of malicious or vulnerable scripts (e.g., DOM-based XSS) without detection.
Not certain from the listing — no details on authentication, access controls for integrations (Airtable, CRM), or compliance standards. Threat: Unauthorized access to connected CRMs due to weak credential management.
The agent integrates with external LLMs and CRMs. Threat: Cascading failures or data leakage if downstream LLMs or CRM APIs are compromised or manipulated by the generated embed's inputs.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).