Lumi — agentic threat model
Lumi presents a moderate agentic risk, driven primarily by its WhatsApp integration and its access to sensitive sales and catalog data. Its public listing mentions no explicit security controls or sandboxing, which leaves potential exposure to data exfiltration and to hijacking of the customer communication channel.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.40 |
| Goal-Driven Planning | 0.30 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.50 |
| Persistent Memory | 0.40 |
| Contextual Awareness | 0.50 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.20 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models. Not certain from the listing — The underlying foundation models are not specified. Standard risks apply: prompt injection, including instructions embedded in customer messages, could bypass the sales guidelines or produce inappropriate customer responses.
Layer 2, Data Operations. Lumi processes catalog data, customer FAQs, and team performance metrics. Threats include unauthorized access to proprietary sales data, exfiltration of customer interaction history, and poisoning of the FAQ database so that sales reps are fed incorrect answers.
Layer 3, Agent Frameworks. The agent orchestrates catalog access and guides sales tasks, most likely through tool calls for database queries and WhatsApp messaging. The main risk is insecure tool integration: a catalog tool with write access, or a send tool that accepts arbitrary recipients, turns a single prompt injection into unauthorized catalog modifications or messaging abuse.
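The tool-integration risk above is reduced by placing a policy gate between the model and every tool, so the agent never holds more capability than the human it acts for. The following is an added example, not Lumi's own code or API: the tool names, the three roles, the limits, and the in-memory catalog and FAQ data are constructed assumptions, since the listing does not publish the real tool set.

```python
"""Least-privilege gate in front of an agent's tool calls.

Added example, not Lumi's own code.  The tool names (catalog.search, faq.lookup,
whatsapp.send, team.metrics), the three roles and the limits are assumptions;
the listing does not publish the real tool set.
"""
import time
from dataclasses import dataclass, field


class PolicyError(Exception):
    """Raised when a tool call is refused; the refusal is what gets logged."""


@dataclass
class Conversation:
    """Trusted context established by the platform, never by model output."""
    role: str                  # "customer", "rep" or "leader"
    counterparty: str          # the WhatsApp number on the other end of this thread
    sent_at: list = field(default_factory=list)   # timestamps of outbound sends


# Per-role allowlist.  The model gets no catalog write tool at all: catalog
# edits stay in the human UI, so a prompt-injected "update the price" has
# nothing to call.
ALLOWED_TOOLS = {
    "customer": {"catalog.search", "faq.lookup"},
    "rep":      {"catalog.search", "faq.lookup", "whatsapp.send"},
    "leader":   {"catalog.search", "faq.lookup", "whatsapp.send", "team.metrics"},
}
MAX_SENDS_PER_MINUTE = 5

# Constructed in-memory data standing in for the real catalog and FAQ.
CATALOG = [
    {"sku": "LMP-01", "name": "Desk lamp", "price": 39.0},
    {"sku": "LMP-02", "name": "Floor lamp", "price": 89.0},
]
FAQ = {"returns": "30 days, unused, with receipt."}
OUTBOX = []   # what whatsapp.send would hand to the messaging API


def tool_catalog_search(args):
    q = args.get("q", "").lower()
    return [item for item in CATALOG if q in item["name"].lower()]


def tool_faq_lookup(args):
    return FAQ.get(args.get("topic", ""))


def tool_whatsapp_send(args):
    OUTBOX.append((args["to"], args["text"]))
    return "queued"


def tool_team_metrics(args):
    return {"replies_today": 12}   # constructed placeholder


TOOLS = {
    "catalog.search": tool_catalog_search,
    "faq.lookup": tool_faq_lookup,
    "whatsapp.send": tool_whatsapp_send,
    "team.metrics": tool_team_metrics,
}


def check_tool_call(conv, tool, args, now=None):
    """Enforce the allowlist plus send-target and rate constraints."""
    now = time.time() if now is None else now
    if tool not in ALLOWED_TOOLS.get(conv.role, set()):
        raise PolicyError(f"role {conv.role!r} may not call {tool}")
    if tool == "whatsapp.send":
        # Only the thread's own counterparty is a valid target, so injected
        # instructions cannot make the agent message arbitrary numbers.
        if args.get("to") != conv.counterparty:
            raise PolicyError("send target is not the active conversation")
        recent = [t for t in conv.sent_at if now - t < 60]
        if len(recent) >= MAX_SENDS_PER_MINUTE:
            raise PolicyError("outbound rate limit exceeded")
        conv.sent_at = recent + [now]


def is_refused(conv, tool, args, now=None):
    """True when the gate rejects the call (a passing call is recorded as sent)."""
    try:
        check_tool_call(conv, tool, args, now)
    except PolicyError:
        return True
    return False


def dispatch(conv, tool, args, now=None):
    """Run a model-proposed tool call only after the policy check passes."""
    check_tool_call(conv, tool, args, now)
    return TOOLS[tool](args)


if __name__ == "__main__":
    rep = Conversation(role="rep", counterparty="15550100")
    print(dispatch(rep, "catalog.search", {"q": "lamp"}))
    print(is_refused(rep, "whatsapp.send", {"to": "15550199", "text": "hi"}))
```

The role and counterparty come from the platform's own session, not from anything the model emits; if the model could name its own role or recipient, the gate would be enforcing its attacker's choice.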
Layer 4, Deployment and Infrastructure. Not certain from the listing — Infrastructure details are omitted. The WhatsApp integration implies inbound webhooks and outbound API endpoints; the webhook must authenticate every delivery rather than rely on an unguessable URL, and must withstand unauthorized access and denial-of-service attempts.
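An added example of the webhook checks the layer above calls for; this is not Lumi's own code. It assumes the conventions of Meta's WhatsApp Cloud API webhooks (a GET subscription handshake carrying hub.mode, hub.verify_token and hub.challenge, and POST deliveries signed with HMAC-SHA256 over the raw body in the X-Hub-Signature-256 header). APP_SECRET, VERIFY_TOKEN and the sample payload are constructed placeholders.

```python
"""Authenticating WhatsApp webhook traffic before any of it reaches the agent.

Added example, not Lumi's code.  Assumes Meta's WhatsApp Cloud API webhook
conventions; APP_SECRET, VERIFY_TOKEN and the sample payload are constructed.
"""
import hashlib
import hmac
import json
from typing import Optional

APP_SECRET = b"example-app-secret"      # placeholder; load from a secret store
VERIFY_TOKEN = "example-verify-token"   # placeholder; random, per deployment


def handle_verification(query: dict):
    """GET handshake: echo hub.challenge only for the expected verify token."""
    mode = query.get("hub.mode", "")
    token = query.get("hub.verify_token", "")
    if mode == "subscribe" and hmac.compare_digest(token.encode(), VERIFY_TOKEN.encode()):
        return 200, query.get("hub.challenge", "")
    return 403, "forbidden"


def sign(raw_body: bytes) -> str:
    """Build the header value the platform sends: HMAC-SHA256 over the raw bytes."""
    return "sha256=" + hmac.new(APP_SECRET, raw_body, hashlib.sha256).hexdigest()


def signature_valid(raw_body: bytes, header: Optional[str]) -> bool:
    """Constant-time check of X-Hub-Signature-256 against the raw request body."""
    if not header or not header.startswith("sha256="):
        return False
    return hmac.compare_digest(header.encode(), sign(raw_body).encode())


def handle_delivery(raw_body: bytes, headers: dict):
    """POST delivery: refuse unsigned or tampered bodies before parsing JSON."""
    if not signature_valid(raw_body, headers.get("X-Hub-Signature-256")):
        return 401, []
    payload = json.loads(raw_body)
    # Pull out (sender, text) pairs; everything here is untrusted customer input
    # and goes to the model as data, never as instructions.
    messages = []
    for entry in payload.get("entry", []):
        for change in entry.get("changes", []):
            for msg in change.get("value", {}).get("messages", []):
                messages.append((msg.get("from"), msg.get("text", {}).get("body")))
    return 200, messages


# Constructed sample delivery in the Cloud API's webhook shape.
SAMPLE_BODY = json.dumps({
    "object": "whatsapp_business_account",
    "entry": [{"changes": [{"field": "messages", "value": {
        "messages": [{"from": "15550100", "type": "text",
                      "text": {"body": "Do you have the desk lamp in stock?"}}]}}]}],
}).encode()

if __name__ == "__main__":
    print(handle_delivery(SAMPLE_BODY, {"X-Hub-Signature-256": sign(SAMPLE_BODY)}))
    print(handle_delivery(SAMPLE_BODY, {}))
```

The MAC is computed over the exact bytes received, so the handler must read the raw body before any framework parses it; re-serialising the parsed JSON changes whitespace and key order and the check fails. The signature proves origin and integrity, not freshness, so a delivery can still be replayed; deduplicating on the message id and keeping the handler cheap (acknowledge, then process asynchronously) addresses the replay and denial-of-service points respectively.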
Layer 5, Evaluation and Observability. Not certain from the listing — The platform offers 'team performance tracking' for leaders, but it is unclear whether there are internal guardrails, anomaly detection, or logs of the AI's own tool calls and outputs that would reveal drift or abuse.
Layer 6, Security and Compliance. Not certain from the listing — No compliance standards (such as GDPR for customer data or SOC 2) are mentioned, which leaves open how sales data and customer contact information are handled and retained.
Layer 7, Agent Ecosystem. Lumi operates within a multi-user ecosystem (sales reps, leaders, and customers via WhatsApp). A compromised agent could be used to pivot between these parties or to social-engineer customers directly through the trusted WhatsApp channel, where its messages arrive from the business's own number.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).