AgentReadyHomeAgent Listing

← Judgement Tarot

Judgement Tarot — agentic threat model

3.9AIVSS 3.9 · Low

Judgement Tarot is a low-risk, entertainment-focused AI agent with minimal autonomy and no integration into critical systems, making its primary security concerns limited to prompt injection and basic web application vulnerabilities.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 2.5AARS uplift 1.42Factor sum 2.0/10Threat ×0.95Mitigation ×1.0
Autonomy of Action
0.10
Goal-Driven Planning
0.10
Self-Modification
0.00
Dynamic Tool Use
0.10
Persistent Memory
0.20
Contextual Awareness
0.20
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.80
Opacity & Reflexivity
0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely relies on standard commercial LLMs customized via system prompts to adopt different reader personalities. Vulnerable to prompt injection that could bypass the tarot persona, generate offensive content, or leak system instructions.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — likely maintains a database of card meanings and user reading histories. Risks include unauthorized access to user chat histories or manipulation of the card database.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — likely uses a simple chatbot architecture rather than a complex agentic framework. Risk of tool misuse is low, though interactive card picking must be securely decoupled from LLM generation to prevent manipulation.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — deployed as a standard web or mobile application. Vulnerable to typical web application threats such as insecure API endpoints, cross-site scripting (XSS), and denial of service.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — likely lacks advanced observability or specialized guardrails, relying instead on the base model's default safety filters to prevent inappropriate psychic advice.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — as a freemium entertainment app, it likely lacks rigorous security compliance certifications (e.g., SOC2) or strict data privacy controls beyond standard terms of service.

L7 · Agent Ecosystem✓ mapped

The agent operates as a standalone vertical application with no described multi-agent coordination or marketplace integrations, resulting in negligible ecosystem risk.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).