Lotus Wisdom MCP — agentic threat model

AIVSS 1.7 · Low

Lotus Wisdom MCP is a stateless, open-source reasoning scaffold with no external data access, credentials, or execution capabilities, presenting an exceptionally low agentic risk posture.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 1.5 · AARS uplift 0.61 · Factor sum 0.8/10 · Threat ×0.9 · Mitigation ×0.8

Agentic risk factors:
Autonomy of Action: 0.00
Goal-Driven Planning: 0.10
Self-Modification: 0.00
Dynamic Tool Use: 0.00
Persistent Memory: 0.00
Contextual Awareness: 0.20
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.30
Opacity & Reflexivity: 0.20

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — The tool is model-agnostic and acts as a prompting scaffold. It relies entirely on the host LLM's safety alignment to prevent adversarial reprogramming or misaligned outputs during its structured reasoning steps.

L2 · Data Operations ✓ mapped

The tool is explicitly stateless and does not utilize external data, vector stores, or RAG pipelines, eliminating data poisoning and exfiltration risks at this layer.

L3 · Agent Frameworks ✓ mapped

Acts as a structured reasoning framework returning text to the model. It does not orchestrate tool execution, maintain state, or manage memory, minimizing framework-level vulnerabilities.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — As an open-source MCP tool, deployment security depends entirely on the host environment's sandboxing and local execution policies.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — The description does not mention built-in logging, guardrails, or evaluation mechanisms for the meditative pause or reasoning outputs.

L6 · Security & Compliance (cross-cutting) ✓ mapped

The tool does not handle credentials, identity, or authorization, delegating all security and compliance requirements to the host application.

L7 · Agent Ecosystem ✓ mapped

The tool operates as a single-purpose MCP utility with no multi-agent coordination, marketplace dependencies, or autonomous agent-to-agent interactions.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).