
Healthcare CoPilot — agentic threat model

AIVSS 5.2 · Medium

Healthcare CoPilot presents a high-consequence risk profile due to its processing of sensitive clinical data and triage decision support, though its agentic risk is heavily mitigated by its UK CA Class 1 regulatory compliance and human-in-the-loop design.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM

CVSS base: 8.2
AARS uplift: 0.54
Factor sum: 3.0/10
Threat (ThM): ×1.0
Mitigation: ×0.6

Agentic risk factors (each scored 0.0 to 1.0):
Autonomy of Action: 0.30
Goal-Driven Planning: 0.40
Self-Modification: 0.00
Dynamic Tool Use: 0.30
Persistent Memory: 0.20
Contextual Awareness: 0.70
Dynamic Identity: 0.10
Multi-Agent Interactions: 0.10
Non-Determinism: 0.40
Opacity & Reflexivity: 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
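The formula above carried through with this page's numbers, as an added worked example (not the AIVSS calculator's own code); the CVSS base, factor values, threat multiplier and mitigation factor are the ones listed for Healthcare CoPilot, and the severity bands are assumed to follow the CVSS qualitative scale.

```python
"""OWASP AIVSS scoring as stated on this page, worked through in code."""

# The ten agentic risk factors for Healthcare CoPilot (values from the page).
FACTORS = {
    "Autonomy of Action": 0.30,
    "Goal-Driven Planning": 0.40,
    "Self-Modification": 0.00,
    "Dynamic Tool Use": 0.30,
    "Persistent Memory": 0.20,
    "Contextual Awareness": 0.70,
    "Dynamic Identity": 0.10,
    "Multi-Agent Interactions": 0.10,
    "Non-Determinism": 0.40,
    "Opacity & Reflexivity": 0.50,
}


def aars(cvss_base: float, factor_sum: float, thm: float) -> float:
    """AARS = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM.

    The uplift is the headroom left above the CVSS base, scaled by how
    agentic the system is (factor sum out of 10) and the threat multiplier.
    """
    return (10.0 - cvss_base) * (factor_sum / 10.0) * thm


def aivss(cvss_base: float, factors: dict, thm: float = 1.0,
          mitigation: float = 1.0) -> tuple:
    """Return (factor_sum, aars_uplift, aivss_score), rounded for display."""
    for name, value in factors.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"factor {name!r} out of range: {value}")
    if not 0.0 <= mitigation <= 1.0:
        raise ValueError("Mitigation_Factor must lie in [0, 1]")
    factor_sum = sum(factors.values())
    uplift = aars(cvss_base, factor_sum, thm)
    score = (cvss_base + uplift) * mitigation
    return round(factor_sum, 2), round(uplift, 2), round(score, 1)


def severity(score: float) -> str:
    """Qualitative band; assumed here to mirror the CVSS v3 scale."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low" if score > 0 else "None"
```

With mitigation set to 1.0 the same inputs give 8.7 (High), which shows how much of this agent's Medium rating rests on the ×0.6 mitigation credit for its regulatory controls and human-in-the-loop design.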

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — the specific foundation models used for extraction and summarization are not disclosed. Potential threats include adversarial prompt injection altering clinical triage decisions or model output misalignment leading to missed clinical urgency.

L2 · Data Operations · ✓ mapped

The agent ingests, extracts, and codes clinical referrals and records using SNOMED CT UK. Key threats include clinical data poisoning, unauthorized exfiltration of Protected Health Information (PHI), and embedding inversion attacks on patient records.

L3 · Agent Frameworks · ⚠ not certain from listing

Not certain from the listing — the orchestration framework is not specified. Threats include insecure integration with Electronic Health Record (EHR) systems and potential memory poisoning during multi-step clinical pathway evaluations.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — the hosting environment (cloud vs. on-premise NHS trust servers) is not detailed. Threats include unauthorized access to hosting infrastructure, container escape, and lateral movement into broader hospital networks.

L5 · Evaluation & Observability · ✓ mapped

The system explicitly supports dashboards for audit and governance, and is UK CA Class 1 certified, indicating structured clinical safety monitoring, though specific real-time LLM guardrails are not detailed.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

The agent is certified as a UK CA Class 1 clinical management-support software, indicating compliance with medical device regulations, rigorous clinical safety standards, and structured quality management systems.

L7 · Agent Ecosystem · ⚠ not certain from listing

Not certain from the listing — there is no mention of multi-agent coordination or marketplace interactions. Threats are limited to potential future integration risks with other healthcare agents or EHR APIs.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification.