AgentReadyHomeAgent ListingPricing

← QuestParrot

QuestParrot — agentic threat model

7.3AIVSS 7.3 · High

QuestParrot presents a moderate risk profile, primarily driven by the potential for voice-based prompt injection (VPI) during real-time spoken interviews and the exposure of sensitive customer or employee PII collected during surveys.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 6.3AARS uplift 1.37Factor sum 3.7/10Threat ×1.0Mitigation ×0.95
Autonomy of Action
0.60
Goal-Driven Planning
0.40
Self-Modification
0.10
Dynamic Tool Use
0.30
Persistent Memory
0.40
Contextual Awareness
0.50
Dynamic Identity
0.10
Multi-Agent Interactions
0.10
Non-Determinism
0.70
Opacity & Reflexivity
0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — likely utilizes commercial or open-source LLMs combined with automatic speech recognition (ASR) and text-to-speech (TTS) models. Key threats include voice-based adversarial examples (audio prompt injection) that could manipulate the agent's behavior or cause it to output inappropriate content to survey respondents.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — processes real-time spoken responses, which must be transcribed and stored. Threats include unauthorized access to raw audio recordings (which may contain biometric voiceprints or sensitive PII) and data exfiltration from the survey response database.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — orchestrates conversational flows to ask follow-up questions. Threats include prompt injection via spoken user responses that trick the orchestration framework into bypassing the survey script or leaking system instructions.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — requires hosting for the voice processing pipeline, web dashboard, and database. Threats include insecure API endpoints for voice streaming and typical web application vulnerabilities (e.g., broken authentication) on the dashboard.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — requires robust monitoring to detect transcription drift, hallucinated survey analysis, or abusive user inputs. Gaps in real-time audio guardrails could allow the agent to speak offensive content generated by LLM misalignment.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — handling voice data and employee/customer feedback requires strict compliance with GDPR, CCPA, and potentially biometric privacy laws. Lack of explicit consent mechanisms or data retention policies poses compliance risks.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — primarily operates as a standalone horizontal survey tool. Risks are limited to downstream integrations (e.g., exporting survey results to CRMs or external analytics platforms) rather than complex multi-agent coordination.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.