
Illustrious XL — agentic threat model

AIVSS 7.0 · High

Illustrious XL is a static, open-source image generation model with zero agentic autonomy, planning, or tool-use capabilities. Its primary security risks are non-agentic, focusing on model integrity (such as malicious weights or pickle exploits) and output safety (NSFW or copyrighted content generation).

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 6.3
AARS uplift: 0.67
Factor sum: 1.8/10
Threat multiplier (ThM): ×1.0
Mitigation factor: ×1.0

Agentic risk factors (each scored 0.0 to 1.0):
Autonomy of Action: 0.00
Goal-Driven Planning: 0.00
Self-Modification: 0.00
Dynamic Tool Use: 0.00
Persistent Memory: 0.00
Contextual Awareness: 0.10
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.80
Opacity & Reflexivity: 0.90

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
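The rationale above quotes the formula and the intermediate numbers but not the arithmetic that joins them. The following is an added worked example (not code from the AgentReady listing or from OWASP) that carries the canonical AIVSS formula through with this page's own values; the severity bands are assumed to follow the CVSS v3.x qualitative ratings, which is consistent with the listing labelling 7.0 as "High". The factor scores are copied from the table above.

```python
# Added worked example (not part of the AgentReady listing): the OWASP AIVSS
# formula quoted on the page, evaluated with this page's own numbers.
#   AIVSS = (CVSS_Base + AARS) * Mitigation_Factor
#   AARS  = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM

# The ten agentic risk factors exactly as the listing scores them (0.0..1.0 each).
ILLUSTRIOUS_XL_FACTORS = {
    "Autonomy of Action": 0.00,
    "Goal-Driven Planning": 0.00,
    "Self-Modification": 0.00,
    "Dynamic Tool Use": 0.00,
    "Persistent Memory": 0.00,
    "Contextual Awareness": 0.10,
    "Dynamic Identity": 0.00,
    "Multi-Agent Interactions": 0.00,
    "Non-Determinism": 0.80,
    "Opacity & Reflexivity": 0.90,
}


def _check_range(name, value, lo, hi):
    """Reject inputs outside the range the formula is defined on."""
    if not lo <= value <= hi:
        raise ValueError(f"{name}={value} outside [{lo}, {hi}]")


def factor_sum(factors):
    """Sum of the ten agentic factors; the listing shows this as 'Factor sum x/10'."""
    if len(factors) != 10:
        raise ValueError("AIVSS expects exactly ten agentic risk factors")
    for name, value in factors.items():
        _check_range(name, value, 0.0, 1.0)
    return sum(factors.values())


def aars(cvss_base, factors, threat_multiplier=1.0):
    """Agentic AI Risk Score: the uplift the agentic factors add on top of CVSS.

    It scales the remaining headroom (10 - CVSS_Base), so a model with no
    autonomy, planning or tool use (all factors 0) gets no uplift at all.
    """
    _check_range("CVSS_Base", cvss_base, 0.0, 10.0)
    return (10.0 - cvss_base) * (factor_sum(factors) / 10.0) * threat_multiplier


def aivss(cvss_base, factors, threat_multiplier=1.0, mitigation_factor=1.0):
    """Final AIVSS score, capped at 10 and rounded to one decimal as the listing displays it."""
    score = (cvss_base + aars(cvss_base, factors, threat_multiplier)) * mitigation_factor
    return round(min(score, 10.0), 1)


def severity(score):
    """Qualitative band (assumed: CVSS v3.x ratings, which match the page's 'High' for 7.0)."""
    if score == 0.0:
        return "None"
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    if score < 9.0:
        return "High"
    return "Critical"


def breakdown(cvss_base, factors, threat_multiplier=1.0, mitigation_factor=1.0):
    """The intermediate values the listing prints, so each can be checked independently."""
    return {
        "cvss_base": cvss_base,
        "factor_sum": round(factor_sum(factors), 2),
        "aars": round(aars(cvss_base, factors, threat_multiplier), 2),
        "aivss": aivss(cvss_base, factors, threat_multiplier, mitigation_factor),
    }


if __name__ == "__main__":
    # Page values: CVSS base 6.3, ThM 1.0, mitigation 1.0 -> AARS 0.67, AIVSS 7.0 (High)
    result = breakdown(6.3, ILLUSTRIOUS_XL_FACTORS)
    print(result, severity(result["aivss"]))
```

Setting every factor to zero collapses the score to the CVSS base (6.3, "Medium"), which makes the point of the rationale concrete: the 0.7 of uplift that pushes this static model into "High" comes entirely from Non-Determinism and Opacity, not from any agentic capability.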

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” carry general, caveated commentary where the public description did not pin that layer down.

L1 · Foundation Models (✓ mapped)

As an SDXL base model, the primary threats at this layer are model poisoning, backdoor injection (particular tags triggering malicious or policy-violating outputs), and intellectual-property/copyright infringement risk inherited from the training dataset.

L2 · Data Operations (⚠ not certain from listing)

Not certain from the listing — The training dataset is heavily tuned for anime-style generation, but the exact data pipeline, curation methods, and protections against data poisoning or copyright infringement are not detailed.

L3 · Agent Frameworks (⚠ not certain from listing)

Not certain from the listing — This is a base model rather than an active agent framework. It does not natively include orchestration, planning, memory, or tool-calling capabilities.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing — As an open-source model, deployment depends entirely on the user's infrastructure (e.g., local WebUIs, ComfyUI, cloud APIs). A key risk is the execution of arbitrary code if weights are distributed in unsafe formats (like PyTorch .ckpt/pickle) rather than Safetensors.
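The L4 risk above turns on one practical question a deployer can answer before loading anything: is this weights file Safetensors, or does it carry a pickle stream? The following is an added defender-side example (not code from the AgentReady listing, from Illustrious XL or from the safetensors project) that classifies a file by its on-disk layout. It relies on three documented facts: a Safetensors file opens with an 8-byte little-endian header length followed by a JSON header; a PyTorch `torch.save()` checkpoint is a zip archive containing a `data.pkl` member; a bare pickle stream begins with the PROTO opcode `0x80`. The sample files are constructed inline and are not real model files. It is a layout heuristic for a load-gate, not a replacement for parsing the file with the safetensors library itself.

```python
# Added defender-side example (not part of the AgentReady listing): gate model
# weights on their container format so pickle-bearing checkpoints never reach
# a loader. Sample files below are constructed in this script, not real models.
import io
import json
import pickle
import struct
import zipfile

ZIP_MAGIC = b"PK\x03\x04"          # local file header of a zip archive
PICKLE_PROTO = b"\x80"             # PROTO opcode that opens pickle protocol >= 2
MAX_SAFETENSORS_HEADER = 100 * 1024 * 1024  # refuse absurd header lengths early


def classify_weights(data: bytes) -> str:
    """Return 'safetensors', 'torch-zip-pickle', 'raw-pickle', 'zip' or 'unknown'."""
    # Check Safetensors first: a legitimate header length can start with byte 0x80,
    # so testing for the pickle opcode before this would misclassify such files.
    if len(data) >= 8:
        (hdr_len,) = struct.unpack("<Q", data[:8])
        if 0 < hdr_len <= MAX_SAFETENSORS_HEADER and 8 + hdr_len <= len(data):
            try:
                header = json.loads(data[8:8 + hdr_len].decode("utf-8"))
                if isinstance(header, dict):
                    return "safetensors"
            except (UnicodeDecodeError, ValueError):
                pass  # not a JSON header; fall through to the other checks
    if data[:4] == ZIP_MAGIC:
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                # torch.save() archives hold a pickled object graph in data.pkl
                if any(name.endswith(".pkl") for name in zf.namelist()):
                    return "torch-zip-pickle"
        except zipfile.BadZipFile:
            return "unknown"
        return "zip"
    if data[:1] == PICKLE_PROTO:
        return "raw-pickle"
    return "unknown"


def is_safe_to_load(data: bytes) -> bool:
    """Load policy for the L4 risk on the page: only Safetensors passes."""
    return classify_weights(data) == "safetensors"


# --- constructed samples (hypothetical, built here; not real checkpoints) ---
def make_safetensors_sample() -> bytes:
    """Minimal Safetensors file: one F32 tensor of shape [1]."""
    header = json.dumps(
        {"w": {"dtype": "F32", "shape": [1], "data_offsets": [0, 4]}}
    ).encode("utf-8")
    return struct.pack("<Q", len(header)) + header + struct.pack("<f", 1.0)


def make_torch_zip_sample() -> bytes:
    """Zip archive shaped like a torch.save() checkpoint, with a data.pkl member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps({"w": [1.0]}))
    return buf.getvalue()


def make_raw_pickle_sample() -> bytes:
    """Bare pickle stream, as an old-style .ckpt might contain."""
    return pickle.dumps({"w": [1.0]})


if __name__ == "__main__":
    for label, blob in [
        ("safetensors", make_safetensors_sample()),
        ("torch-zip", make_torch_zip_sample()),
        ("raw-pickle", make_raw_pickle_sample()),
    ]:
        print(f"{label:12s} -> {classify_weights(blob):17s} load={is_safe_to_load(blob)}")
```

Run this over a file's leading bytes (the full file is not needed for the zip and pickle checks; the Safetensors branch needs the header, which is small) at the point where a WebUI or pipeline picks up a downloaded checkpoint. Anything that does not classify as Safetensors is held back for review rather than loaded, which is the control the L4 note above asks users to supply themselves.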

L5 · Evaluation & Observability (⚠ not certain from listing)

Not certain from the listing — No built-in evaluation, monitoring, or safety guardrails are mentioned. Users must implement their own input/output filters (e.g., NSFW detectors) and observability tools.

L6 · Security & Compliance (cross-cutting) (⚠ not certain from listing)

Not certain from the listing — There are no built-in compliance controls, identity management, or access policies described for this open-source model file.

L7 · Agent Ecosystem (⚠ not certain from listing)

Not certain from the listing — The model does not natively interact with an agent ecosystem or other agents, operating purely as a standalone image generation asset.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).