GLM-OCR Free Online OCR Tool — agentic threat model
GLM-OCR is a low-risk utility tool focused on document text extraction, presenting minimal autonomous threat but carrying data privacy risks if sensitive documents are processed through its online API.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.10 |
| Goal-Driven Planning | 0.00 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.00 |
| Persistent Memory | 0.00 |
| Contextual Awareness | 0.20 |
| Dynamic Identity | 0.00 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.30 |
| Opacity & Reflexivity | 0.20 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “Not certain from the listing” are general, caveated commentary where the public description did not pin down that layer.
Layer 1, Foundation Models: Uses GLM-based vision-language models for OCR. Primary threats include adversarial document attacks (indirect prompt injection embedded in images/PDFs to manipulate output) and model-level misalignments when parsing complex formulas or code.
Layer 2, Data Operations: Not certain from the listing — details on how uploaded PDFs and images are cached, stored, or whether they are used for model training are omitted. Risks include data exfiltration of sensitive user-uploaded documents and the lack of a stated data retention policy.
Layer 3, Agent Frameworks: Not certain from the listing — the orchestration framework is not specified. If an agentic framework is used to parse and route document segments, risks include insecure tool integration and prompt injection via document content.
Layer 4, Deployment and Infrastructure: Not certain from the listing — hosting infrastructure is unspecified. Processing user-uploaded PDFs and images carries a high risk of remote code execution (RCE) via vulnerable file parsers if the execution environment is not strictly sandboxed.
Layer 5, Evaluation and Observability: Not certain from the listing — there is no mention of input/output guardrails, logging, or abuse monitoring to prevent the processing of illicit, copyrighted, or sensitive personal data.
Layer 6, Security and Compliance: Not certain from the listing — no compliance certifications (e.g., GDPR, SOC 2) or data encryption standards are declared, which is critical given that the tool processes arbitrary user documents.
Layer 7, Agent Ecosystem: Not certain from the listing — while tagged as an API, there is no explicit multi-agent ecosystem integration. The primary risk is downstream agents consuming manipulated OCR output from this tool as if it were trusted data.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).