Wan AI video — agentic threat model
Wan AI is a multimodal video generation platform with low agentic risk, primarily acting as a deterministic pipeline for text-to-video and image-to-video generation with minimal autonomous decision-making.
OWASP AIVSS score rationale
| Autonomy of Action | 0.10 | |
| Goal-Driven Planning | 0.10 | |
| Self-Modification | 0.00 | |
| Dynamic Tool Use | 0.20 | |
| Persistent Memory | 0.20 | |
| Contextual Awareness | 0.30 | |
| Dynamic Identity | 0.00 | |
| Multi-Agent Interactions | 0.00 | |
| Non-Determinism | 0.70 | |
| Opacity & Reflexivity | 0.40 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Utilizes multimodal foundation models for text-to-video, image-to-video, and voiceover generation. Primary threats include adversarial prompt injection to bypass safety filters, generating deepfakes, or producing copyrighted/harmful content.
Not certain from the listing — processes user-uploaded images and text prompts. Potential risks include data exfiltration of uploaded assets, lack of input sanitization for image files, and lack of clarity on whether user data is used to retrain the underlying video models.
Not certain from the listing — orchestration appears to be a linear pipeline (prompt/image -> video/audio generation) rather than an autonomous agent loop. Risks are limited to insecure handling of generation parameters and API timeouts.
Not certain from the listing — hosted as an online platform. Requires typical web infrastructure security, sandboxing of media processing libraries (e.g., FFmpeg) to prevent remote code execution via malformed media uploads, and secure GPU cluster orchestration.
Not certain from the listing — requires robust content moderation guardrails to detect and block the generation of explicit, violent, or politically sensitive video and audio content before rendering.
Not certain from the listing — requires standard web authentication, access controls for user-generated assets, and compliance with copyright laws, synthetic media labeling regulations, and data privacy standards.
Not certain from the listing — the platform operates as a standalone horizontal tool with no indicated multi-agent coordination, marketplace integrations, or autonomous external ecosystem interactions.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology — every score is re-derived by the same automated method as an agent's public evidence changes.