EternalSoul.md — agentic threat model

AIVSS 6.9 · Medium

EternalSoul.md presents a unique risk profile centered on state-manipulation and identity theft. While it employs PGP encryption to secure agent memories, the ability to serialize, transfer, and restore an agent's core personality introduces severe risks of memory poisoning and unauthorized identity replication if cryptographic keys are compromised.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 7.8 · AARS uplift 0.84 · Factor sum 3.8/10 · Threat ×1.0 · Mitigation ×0.8

Agentic risk factors:

Autonomy of Action: 0.10
Goal-Driven Planning: 0.10
Self-Modification: 0.60
Dynamic Tool Use: 0.20
Persistent Memory: 1.00
Contextual Awareness: 0.30
Dynamic Identity: 0.80
Multi-Agent Interactions: 0.20
Non-Determinism: 0.20
Opacity & Reflexivity: 0.30

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The listing does not specify the underlying LLMs used to generate or parse the personality files. Threats include model-specific parsing vulnerabilities or adversarial manipulation of the restored prompt.

L2 · Data Operations · ✓ mapped

This is the core layer for this utility. The agent manages memory and identity data. Threats include PGP key compromise, metadata leakage in the .md file, and data poisoning of the backup file before encryption or during restoration.

L3 · Agent Frameworks · ✓ mapped

The tool acts as a state-preservation framework. Threats include memory poisoning, where malicious memories are injected into the portable format, and insecure deserialization/restoration of the agent's state.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — The hosting environment for the backup/restore API or local execution is not detailed. Threats include insecure storage of PGP private keys and local file access vulnerabilities.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — There is no mention of monitoring or guardrails to detect if a restored 'soul' has been tampered with or contains malicious payloads.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

The listing highlights PGP encryption as a core security control. However, compliance challenges exist around data privacy (GDPR 'right to be forgotten' for persistent agent memories) and key management lifecycle.

L7 · Agent Ecosystem · ✓ mapped

Enables horizontal transfer of agent identity across different platforms. Threats include identity theft, impersonation, and cascading trust issues if a compromised 'soul' is restored into a highly privileged multi-agent environment.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).