AgentReadyHomeAgent ListingRuntimePricing

← Temp Mail Generator

Temp Mail Generator — agentic threat model

4.3AIVSS 4.3 · Medium

The Temp Mail Generator is a static, non-agentic utility tool with no LLM orchestration, planning, or autonomous capabilities, presenting an extremely low agentic risk profile.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 4.3AARS uplift 0.0Factor sum 0.0/10Threat ×0.9Mitigation ×1.0
Autonomy of Action
0.00
Goal-Driven Planning
0.00
Self-Modification
0.00
Dynamic Tool Use
0.00
Persistent Memory
0.00
Contextual Awareness
0.00
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.00
Opacity & Reflexivity
0.00

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — The description indicates a standard web utility rather than an LLM-powered application. If an LLM is used behind the scenes, it is completely hidden and lacks any direct prompt interface, making typical L1 threats like prompt injection or model stealing highly unlikely.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — There is no evidence of RAG, vector databases, or training data operations. The primary data risk is transient storage of incoming emails, which could be subject to interception or unauthorized access if not properly isolated.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — The tool does not appear to use an agent framework, planning loops, or dynamic tool calling. It functions as a deterministic single-purpose script to generate and poll an inbox.

L4 · Deployment & Infrastructure✓ mapped

The infrastructure must securely host the mail server (MX records) and the web front-end. Threats include server-side request forgery (SSRF) via email processing, mail server abuse for spam relaying, and denial of service on the temporary domain generation endpoint.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — There are no visible AI-specific evaluation or observability guardrails. Traditional logging of API abuse and rate-limiting are the primary relevant controls here.

L6 · Security & Compliance (cross-cutting)✓ mapped

The tool claims to leave no traces or personal data, which aligns with privacy-by-design principles. However, there is no user authentication or access control, meaning anyone who guesses or intercepts the temporary email address can read the incoming verification emails.

L7 · Agent Ecosystem✓ mapped

The tool does not participate in any agent ecosystem, multi-agent coordination, or marketplace integrations.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology — every score is re-derived by the same automated method as an agent's public evidence changes.