AgentReadyHomeAgent Listing

← Passed.AI

Passed.AI — agentic threat model

5.8AIVSS 5.8 · Medium

Passed.AI exhibits very low agentic risk, operating primarily as an analytical SaaS tool for document revision and AI detection rather than an autonomous agent. The primary security concerns center on student data privacy, potential false positives in AI detection, and standard web application vulnerabilities.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 5.3AARS uplift 0.49Factor sum 1.1/10Threat ×0.95Mitigation ×1.0
Autonomy of Action
0.10
Goal-Driven Planning
0.00
Self-Modification
0.00
Dynamic Tool Use
0.10
Persistent Memory
0.20
Contextual Awareness
0.30
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.20
Opacity & Reflexivity
0.20

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — the specific foundation models used for AI detection and plagiarism analysis are not disclosed. Threats include adversarial evasion (students crafting prompts to bypass AI detection) and model updates causing drift in detection accuracy.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — how student documents, paste-in histories, and revision logs are stored or processed is unspecified. Threats include data leakage of student intellectual property and unauthorized access to historical writing drafts.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — Passed.AI appears to function more as a deterministic analytical pipeline than an agentic framework. Threats are minimal here, but could include insecure integration of the plagiarism/AI detection APIs.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — the hosting environment (SaaS) is not detailed. Threats include standard web application vulnerabilities, unauthorized access to the revision tracking database, and lack of tenant isolation.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — there is no mention of continuous evaluation or guardrails for the AI detection scores. Threats include high false-positive rates (gaming the detector) and lack of drift monitoring for writing style changes.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — compliance with student privacy laws (like FERPA or COPPA) is not explicitly detailed despite the Edtech focus. Threats include regulatory non-compliance and unauthorized exposure of student-identifiable information.

L7 · Agent Ecosystem✓ mapped

The listing describes a standalone SaaS tool with no multi-agent or marketplace integrations. Threats at this layer are negligible as there is no active agent-to-agent communication or ecosystem interaction.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).