Mokaru — agentic threat model
Mokaru is a low-risk, consumer-facing AI assistant focused on resume optimization and job tracking. Its primary security risks center on the handling of sensitive personally identifiable information (PII) and potential file-parsing vulnerabilities rather than autonomous agentic actions.
OWASP AIVSS score rationale
| Agentic risk factor | Score | Notes |
|---|---|---|
| Autonomy of Action | 0.20 | |
| Goal-Driven Planning | 0.10 | |
| Self-Modification | 0.00 | |
| Dynamic Tool Use | 0.10 | |
| Persistent Memory | 0.40 | |
| Contextual Awareness | 0.30 | |
| Dynamic Identity | 0.00 | |
| Multi-Agent Interactions | 0.00 | |
| Non-Determinism | 0.40 | |
| Opacity & Reflexivity | 0.20 | |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1 (Foundation Models): Not certain from the listing — likely utilizes third-party LLMs via API to perform resume tailoring and ATS analysis. Primary threats include prompt injection via adversarial job descriptions or resumes designed to hijack the model's output or bypass ATS screening rules.
Layer 2 (Data Operations): Not certain from the listing — processes highly sensitive personally identifiable information (PII) contained within user resumes (names, contact details, employment history). Key threats include insecure storage of uploaded documents, lack of data minimization, and potential leakage of user data if used for downstream model fine-tuning.
Layer 3 (Agent Frameworks): Not certain from the listing — orchestration appears limited to simple document parsing and prompt templating. The main threat is insecure integration of file parsers (e.g., PDF/DOCX extractors), which could be vulnerable to local file inclusion or buffer overflow attacks.
Layer 4 (Deployment & Infrastructure): Not certain from the listing — likely deployed as a standard SaaS web application. Threats include typical OWASP Top 10 vulnerabilities, insecure file upload mechanisms allowing malicious payloads to be executed on the server, and lack of sandboxing during document parsing.
Layer 5 (Evaluation & Observability): Not certain from the listing — no observability or guardrail mechanisms are mentioned. Gaps in logging and monitoring could allow attackers to systematically scrape job descriptions or abuse the free ATS checker without detection.
Layer 6 (Security & Compliance): Not certain from the listing — handling job seeker data requires strict adherence to privacy regulations like GDPR and CCPA. The absence of stated compliance certifications (e.g., SOC 2) or explicit data retention policies represents a significant compliance risk.
Layer 7 (Agent Ecosystem): Not certain from the listing — operates as a standalone horizontal platform with no indicated multi-agent coordination or external marketplace integrations, resulting in minimal ecosystem-level threat exposure.
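The file-parser and upload threats in the Agent Frameworks and Deployment layers above are the ones a resume service can gate before any PDF/DOCX extractor runs. The following is an added example, not Mokaru's code: an upload check that requires extension, size and magic bytes to agree and, for DOCX (a zip container), rejects unsafe member paths and zip-bomb expansion ratios. The size and ratio limits are assumed values, and make_docx only builds constructed sample input.

```python
import io
import os
import zipfile
from typing import Optional, Tuple
ALLOWED = {".pdf": b"%PDF-", ".docx": b"PK\x03\x04"}  # extension -> required magic bytes
MAX_BYTES = 5 * 1024 * 1024   # assumed size limit for a resume upload
MAX_RATIO = 50                # assumed per-member decompression ratio cap (zip bombs)

def check_docx(data: bytes) -> Optional[str]:
    """Return a rejection reason for a DOCX body, or None if it passes."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return "docx is not a valid zip archive"
    names = zf.namelist()
    if "[Content_Types].xml" not in names or "word/document.xml" not in names:
        return "missing required OOXML parts"
    for info in zf.infolist():
        # Reject member paths that could escape an extraction directory.
        if info.filename.startswith("/") or ".." in info.filename.split("/"):
            return "unsafe member path: " + info.filename
        # Bound how far each member expands so the parser cannot be zip-bombed.
        if info.compress_size and info.file_size / info.compress_size > MAX_RATIO:
            return "suspicious compression ratio: " + info.filename
    return None

def validate_resume_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Gate an upload before parsing: extension, size and magic bytes must agree."""
    ext = os.path.splitext(filename)[1].lower()
    if ext not in ALLOWED:
        return False, "extension not allowed: " + (ext or "(none)")
    if len(data) > MAX_BYTES:
        return False, "file exceeds size limit"
    if not data.startswith(ALLOWED[ext]):
        return False, "content does not match declared type"
    if ext == ".docx":
        reason = check_docx(data)
        if reason:
            return False, reason
    return True, "ok"

def make_docx(parts: dict) -> bytes:
    """Build a minimal DOCX-shaped zip in memory (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()
```

A gate like this belongs in front of the parser, not instead of sandboxing it; it removes the cheap cases so the sandbox only has to contain genuine parser bugs.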
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).