EVA.ai — agentic threat model
EVA.ai presents a moderate-to-high risk profile due to its deep integration with enterprise HRIS/ATS systems and access to sensitive candidate PII. While it automates high-impact workflows like screening and scheduling, its closed-source nature and potential for algorithmic bias require robust guardrails.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.70 |
| Goal-Driven Planning | 0.60 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.60 |
| Persistent Memory | 0.70 |
| Contextual Awareness | 0.80 |
| Dynamic Identity | 0.30 |
| Multi-Agent Interactions | 0.20 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.60 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
1. Foundation Models: Not certain from the listing — The specific underlying LLMs are not disclosed. Threats include adversarial prompt injection by candidates seeking to bypass screening filters, and latent algorithmic bias in candidate recommendation models.
2. Data Operations: Processes highly sensitive candidate PII, resumes, and employee profiles via ATS/HRIS integrations. Threats include data exfiltration of HR records and knowledge-base poisoning through manipulated resumes designed to game the recommendation engine.
3. Agent Frameworks: Orchestrates multi-step recruitment workflows, automated scheduling, and live interview analysis. Threats include tool misuse (e.g., calendar hijacking via scheduling APIs) and insecure integration with external communication channels.
4. Deployment and Infrastructure: Not certain from the listing — Specific hosting, sandboxing, and network isolation details are not provided. Threats include container compromise and unauthorized API access to the closed-source enterprise environment.
5. Evaluation and Observability: Not certain from the listing — While workforce analytics and dashboards are mentioned, specific real-time guardrails, drift detection, or bias monitoring tools are not detailed. Threats include blind spots in detecting discriminatory screening patterns.
6. Security and Compliance: Claims compliance with global data security standards. However, integrating with core enterprise HR systems requires strict role-based access control (RBAC) and audit logging to prevent unauthorized access to sensitive employee evaluations and personal data.
7. Agent Ecosystem: Not certain from the listing — There is no explicit mention of multi-agent orchestration or interaction with external agent marketplaces. Threats are currently limited to standard API-to-API integration vulnerabilities.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).