Monday AI — agentic threat model

AIVSS 6.8 · Medium

Monday AI presents a moderate-to-high risk profile due to its deep integration with enterprise project data and workflow automation capabilities, where prompt injection could lead to unauthorized data extraction or manipulation of business tasks.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 7.5 · AARS uplift 0.95 · Factor sum 3.8/10 · Threat ×1.0 · Mitigation ×0.8

Agentic risk factors:
Autonomy of Action: 0.50
Goal-Driven Planning: 0.40
Self-Modification: 0.10
Dynamic Tool Use: 0.50
Persistent Memory: 0.30
Contextual Awareness: 0.60
Dynamic Identity: 0.20
Multi-Agent Interactions: 0.30
Non-Determinism: 0.50
Opacity & Reflexivity: 0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The specific foundation models powering Monday AI are not disclosed. Threats include prompt injection, model misalignment, and potential data leakage if public APIs are used without enterprise agreements.

L2 · Data Operations · ✓ mapped

Processes sensitive project management data, uploaded files, and task descriptions. Threats include data exfiltration via malicious file extraction, and data poisoning of boards to manipulate automated categorization.

L3 · Agent Frameworks · ✓ mapped

Orchestrates task automation and information extraction. Threats include insecure tool integration where prompt injection could trick the agent into executing unauthorized workflow actions or modifying board structures.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — Hosted within Monday.com's cloud infrastructure. Threats include potential sandbox escapes during file parsing/extraction if the processing environment is not strictly isolated.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — Specific AI-focused observability, guardrails, or drift detection mechanisms are not detailed in the public directory.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

Inherits Monday.com's enterprise-grade security compliance, including RBAC, SOC2, and data privacy policies, which helps mitigate unauthorized access to boards and workflows.

L7 · Agent Ecosystem · ✓ mapped

Operates within the broader Monday.com Work OS ecosystem. Threats include cascading failures or privilege escalation if the AI interacts with compromised third-party integrations or marketplace apps.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification.