
Reztune — agentic threat model

AIVSS 6.6 · Medium

Reztune presents a low-to-moderate agentic risk profile due to its limited autonomy and lack of direct external action execution. Its primary security risks center on the handling of highly sensitive PII within resumes and the potential for indirect prompt injection via untrusted job descriptions.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 5.5 · AARS uplift 1.08 · Factor sum 2.4/10 · Threat ×1.0 · Mitigation ×1.0

Agentic risk factors:
Autonomy of Action: 0.20
Goal-Driven Planning: 0.30
Self-Modification: 0.00
Dynamic Tool Use: 0.20
Persistent Memory: 0.50
Contextual Awareness: 0.40
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.50
Opacity & Reflexivity: 0.30

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — likely utilizes commercial LLMs via API for text rewriting and keyword matching. Primary threats include indirect prompt injection (e.g., malicious instructions embedded in a job description designed to exfiltrate the user's resume data) and hallucinated skills/experience.

L2 · Data Operations ⚠ not certain from listing

Not certain from the listing — stores user-uploaded resumes and job descriptions. Risks include unauthorized access to highly sensitive PII (names, contact info, work history) and potential data leakage if vector databases or caches are shared or poorly isolated.

L3 · Agent Frameworks ⚠ not certain from listing

Not certain from the listing — orchestrates parsing, LLM prompting, and PDF generation. Vulnerabilities could exist in the PDF generation libraries (e.g., SSRF or local file inclusion via malicious HTML-to-PDF conversion) and insecure handling of user session state.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — likely hosted on standard cloud infrastructure. Key threats include insecure cloud storage buckets containing raw resumes and lack of isolated sandboxing for the PDF generation and document parsing microservices.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — likely lacks advanced real-time guardrails to detect prompt injection or PII leakage in LLM outputs before they are compiled into the final PDF template.

L6 · Security & Compliance (cross-cutting) ⚠ not certain from listing

Not certain from the listing — handling of personal career history requires strict GDPR/CCPA compliance and robust access controls, but no specific compliance certifications or data retention policies are detailed in the public listing.

L7 · Agent Ecosystem ⚠ not certain from listing

Not certain from the listing — operates as a standalone horizontal tool with no apparent multi-agent or marketplace integrations, minimizing ecosystem-specific cascading risks.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).