Omnimind AI — agentic threat model
The Omnimind AI agent presents a moderate risk profile due to its automated write access to HubSpot CRM systems without human-in-the-loop validation. The primary threat vector is data poisoning or injection from untrusted LinkedIn profiles into sensitive CRM fields.
OWASP AIVSS score rationale
| Agentic risk factor | Value |
| --- | --- |
| Autonomy of Action | 0.80 |
| Goal-Driven Planning | 0.20 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.40 |
| Persistent Memory | 0.10 |
| Contextual Awareness | 0.20 |
| Dynamic Identity | 0.00 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.30 |
| Opacity & Reflexivity | 0.20 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Not certain from the listing — the specific LLM used for matching and parsing LinkedIn profile data is not disclosed, so its exposure to adversarial prompt injection via LinkedIn profile fields cannot be assessed.
Layer 2, Data Operations: Ingests HubSpot contact names/emails and LinkedIn profile data. High risk of indirect prompt injection or data poisoning if an attacker modifies their public LinkedIn profile to contain malicious payloads designed to exploit the parsing model or downstream CRM.
Layer 3, Agent Frameworks: Orchestrates automated triggers from HubSpot to execute LinkedIn searches and write back to HubSpot fields. Vulnerable to insecure tool integration if the agent does not sanitize the scraped LinkedIn data before executing API write calls to HubSpot.
Layer 4, Deployment and Infrastructure: Not certain from the listing — details regarding the hosting environment, sandboxing of the scraping/parsing processes, and secure storage of HubSpot OAuth tokens are not provided.
Layer 5, Evaluation and Observability: Not certain from the listing — there is no mention of logging, matching confidence thresholds, or guardrails to prevent false positives or malicious data writes to the CRM.
Layer 6, Security and Compliance: Not certain from the listing — the agent requires write permissions to HubSpot CRM, but compliance certifications (e.g., SOC2, GDPR) and data retention policies for the scraped LinkedIn data are not specified.
Layer 7, Agent Ecosystem: Operates as a single-agent integration between HubSpot and LinkedIn. There are no multi-agent interactions or marketplace dependencies described, limiting ecosystem-level cascading risks.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).