US National Weather Service MCP — agentic threat model

AIVSS 2.8 · Low

The US National Weather Service MCP is a highly benign, read-only utility with an extremely low risk profile due to its lack of credentials, reliance on public data, and absence of autonomous action capabilities.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 3.1 · AARS uplift 0.37 · Factor sum 0.6/10 · Threat ×0.9 · Mitigation ×0.8

Agentic risk factors:
Autonomy of Action: 0.10
Goal-Driven Planning: 0.00
Self-Modification: 0.00
Dynamic Tool Use: 0.10
Persistent Memory: 0.00
Contextual Awareness: 0.20
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.10
Opacity & Reflexivity: 0.10

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The tool itself does not include a foundation model but is designed to be called by one; risks are limited to the calling LLM misinterpreting the weather data or being exploited by malicious injection in the forecast text.

L2 · Data Operations · ✓ mapped

The tool fetches real-time public weather data from the official NWS API. Risks include upstream data poisoning or spoofing of the NWS API, though the data is read-only and public.

L3 · Agent Frameworks · ✓ mapped

Integrates as an MCP tool. Risks include insecure tool integration where the orchestrator fails to sanitize the returned weather text, potentially leading to prompt injection if the forecast contains adversarial text.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — The hosting and sandboxing environment of the MCP server are not specified, though as an open-source connector, it relies on the user's local or host deployment security.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — There is no mention of built-in logging, guardrails, or monitoring for the fetched API payloads or tool usage.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

The tool requires no API keys or credentials and operates strictly on read-only public data, minimizing compliance and identity risks.

L7 · Agent Ecosystem · ⚠ not certain from listing

Not certain from the listing — While it can be used in multi-agent systems to provide environmental context, there are no explicit multi-agent coordination or marketplace features described.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).