ZEPIC — agentic threat model

AIVSS 9.2 · Critical

ZEPIC presents a high-risk profile primarily due to its integration with a Customer Data Platform (CDP) containing rich customer PII and its capability to execute automated cross-channel marketing campaigns. A compromise could lead to massive data exfiltration or widespread unauthorized communications, amplified by the lack of explicit security controls in the listing.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.5 · AARS uplift 0.66 · Factor sum 4.4/10 · Threat ×1.0 · Mitigation ×1.0

Agentic risk factors:
Autonomy of Action: 0.60
Goal-Driven Planning: 0.50
Self-Modification: 0.10
Dynamic Tool Use: 0.60
Persistent Memory: 0.80
Contextual Awareness: 0.70
Dynamic Identity: 0.20
Multi-Agent Interactions: 0.10
Non-Determinism: 0.40
Opacity & Reflexivity: 0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — ZEPIC uses 'Zenie AI' at its core, but the underlying LLM/foundation model is not specified. Potential threats include prompt injection leading to unauthorized campaign generation or misaligned outputs.

L2 · Data Operations ✓ mapped

ZEPIC features a built-in CDP (Customer Data Platform) with a 360-degree customer view. Threats include data poisoning of the CDP, unauthorized exfiltration of customer PII, and lack of data lineage for AI-driven segmentation.

L3 · Agent Frameworks ⚠ not certain from listing

Not certain from the listing — The orchestration framework for 'Zenie AI' is not detailed. Threats include insecure tool integration with marketing channels (email, SMS APIs) and potential prompt injection bypassing campaign constraints.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — The hosting environment (SaaS vs. self-hosted open source) is not specified in detail. Threats include container compromise, exposed API endpoints for campaign execution, and credential theft for connected channels.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — No mention of guardrails, evaluation frameworks, or drift monitoring for Zenie AI's insights or campaign generation. Threats include blind spots in automated campaign outputs and lack of anomaly detection for mass messaging.

L6 · Security & Compliance (cross-cutting) ⚠ not certain from listing

Not certain from the listing — No explicit mention of compliance certifications (GDPR, SOC2) or fine-grained access controls, despite handling sensitive customer PII in the CDP. Threats include regulatory non-compliance (GDPR/CCPA) regarding customer data processing.

L7 · Agent Ecosystem ⚠ not certain from listing

Not certain from the listing — No explicit multi-agent or marketplace interactions are described. Threats are limited to potential cascading failures if integrated third-party marketing APIs fail or are compromised.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).