
Potpie AI — agentic threat model

AIVSS 8.7 · High

Potpie AI presents a high-risk profile due to its deep integration with proprietary codebases via knowledge graphs and its capability to perform active tasks like debugging and testing. If compromised, it could lead to intellectual property theft or malicious code injection.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 8.2
AARS uplift: 0.95
Factor sum: 5.3/10
Threat multiplier (ThM): ×1.0
Mitigation factor: ×0.95

Agentic risk factors (each scored 0.0 to 1.0):
Autonomy of Action: 0.60
Goal-Driven Planning: 0.70
Self-Modification: 0.20
Dynamic Tool Use: 0.70
Persistent Memory: 0.50
Contextual Awareness: 0.80
Dynamic Identity: 0.30
Multi-Agent Interactions: 0.40
Non-Determinism: 0.60
Opacity & Reflexivity: 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
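The following is an added worked example, not part of the listing, that reproduces the 8.7 score from the formula and the factor values above; the severity bands are an assumption (CVSS-style qualitative ratings), not something the listing defines.

```python
# Added example: recompute the AIVSS score for this listing from its inputs.
# Factor values are the ones shown on the page.
AGENTIC_FACTORS = {
    "Autonomy of Action": 0.60,
    "Goal-Driven Planning": 0.70,
    "Self-Modification": 0.20,
    "Dynamic Tool Use": 0.70,
    "Persistent Memory": 0.50,
    "Contextual Awareness": 0.80,
    "Dynamic Identity": 0.30,
    "Multi-Agent Interactions": 0.40,
    "Non-Determinism": 0.60,
    "Opacity & Reflexivity": 0.50,
}

CVSS_BASE = 8.2          # from the listing
THREAT_MULTIPLIER = 1.0  # ThM, from the listing
MITIGATION_FACTOR = 0.95 # from the listing


def factor_sum(factors):
    """Sum of the ten agentic risk factors (0..10); rounded to absorb float noise."""
    return round(sum(factors.values()), 2)


def aars(cvss_base, fsum, thm):
    """AARS = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM.
    The uplift is bounded by the headroom left above the CVSS base score."""
    return (10 - cvss_base) * (fsum / 10) * thm


def aivss(cvss_base, fsum, thm, mitigation):
    """AIVSS = (CVSS_Base + AARS) * Mitigation_Factor."""
    return (cvss_base + aars(cvss_base, fsum, thm)) * mitigation


def severity(score):
    """Assumed CVSS-style qualitative bands; the listing only shows 'High'."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low" if score > 0 else "None"


if __name__ == "__main__":
    fsum = factor_sum(AGENTIC_FACTORS)
    score = aivss(CVSS_BASE, fsum, THREAT_MULTIPLIER, MITIGATION_FACTOR)
    print(f"factor sum {fsum}, AARS {aars(CVSS_BASE, fsum, THREAT_MULTIPLIER):.2f}, "
          f"AIVSS {score:.1f} ({severity(score)})")
```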

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models (✓ mapped)

Utilizes external foundation models (OpenAI, Claude, Gemini). Primary threats include adversarial prompt injection to bypass code generation safety limits and model-specific output misalignment.

L2 · Data Operations (✓ mapped)

Constructs a knowledge graph of the codebase. Threats include codebase data poisoning (introducing malicious code to corrupt the graph) and data exfiltration of sensitive IP contained within the repository.

L3 · Agent Frameworks (✓ mapped)

Orchestrates agents for debugging, testing, and documentation. Threats include insecure tool integration where the agent might execute malicious test scripts or write insecure code directly into the repository.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing — details regarding the sandboxing of code execution during testing, VSCode extension communication security, and API access controls are not specified.

L5 · Evaluation & Observability (⚠ not certain from listing)

Not certain from the listing — there is no mention of built-in evaluation frameworks, guardrails for generated code, or observability tools to monitor agent actions.

L6 · Security & Compliance (cross-cutting) (⚠ not certain from listing)

Not certain from the listing — while open-source allows for public auditing, specific compliance standards, enterprise access controls, and identity management are not detailed.

L7 · Agent Ecosystem (⚠ not certain from listing)

Not certain from the listing — although it supports customizable agents, the mechanisms for multi-agent coordination, trust boundaries, and prevention of cascading failures are not described.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).