Skild AI — agentic threat model
Skild AI presents a high-risk profile because it operates as the 'brain' of physical robots: a digital compromise or a model failure translates directly into real-world kinetic hazards, property damage, or threats to human safety.
OWASP AIVSS score rationale
| Agentic risk factor | Score | Rationale |
|---|---|---|
| Autonomy of Action | 0.80 | |
| Goal-Driven Planning | 0.80 | |
| Self-Modification | 0.20 | |
| Dynamic Tool Use | 0.70 | |
| Persistent Memory | 0.50 | |
| Contextual Awareness | 0.90 | |
| Dynamic Identity | 0.20 | |
| Multi-Agent Interactions | 0.40 | |
| Non-Determinism | 0.70 | |
| Opacity & Reflexivity | 0.80 | |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent, following the seven MAESTRO layers in order. Layers tagged “Not certain from the listing” carry general, caveated commentary because the public description does not pin down that layer.
Layer 1 (Foundation Models): Not certain from the listing — Skild AI likely builds its 'unified brain' on vision-language-action (VLA) or sensorimotor foundation models. Threats include physical adversarial perturbations (patches, lighting, textures), model reprogramming, and data poisoning, any of which could cause erratic physical movements.
Layer 2 (Data Operations): Not certain from the listing — Data operations likely involve massive physical demonstration datasets, video, and telemetry. Threats include training-data poisoning and simulation-to-reality gaps that degrade physical safety once a policy leaves the simulator.
Layer 3 (Agent Frameworks): Not certain from the listing — The agent framework must translate high-level goals into low-level motor-control policies. Threats include insecure tool and actuator integration and planning failures that lead to physical collisions.
Layer 4 (Deployment & Infrastructure): Not certain from the listing — Deployment spans edge robotics hardware and cloud control planes. Threats include local hardware compromise, privilege escalation from the compute stack to the physical actuators, and insecure over-the-air (OTA) updates.
Layer 5 (Evaluation & Observability): Not certain from the listing — Observability requires real-time telemetry, physical safety guardrails, and anomaly detection. Gaps here could allow undetected physical drift or a failure to trigger emergency stops.
Layer 6 (Security & Compliance): Not certain from the listing — Security and compliance must cover physical safety standards (e.g., ISO 10218 and ISO 13849) alongside digital identity and authorization for robot control.
Layer 7 (Agent Ecosystem): Not certain from the listing — The ecosystem could involve multi-robot coordination or fleet management. Threats include cascading physical failures and a single compromised robot propagating malicious commands to the rest of the fleet.
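The layer-3 and layer-5 entries above name the controls that matter most for a robotics brain: a guardrail between the planner and the actuators, anomaly detection on the command stream, and an emergency stop that actually fires. The block below is an added illustration of that gate, not Skild AI code and not based on any Skild AI interface. Every planner command is checked against a static safety envelope (per-joint position and velocity limits) and a simple rate-of-change detector; any violation latches an e-stop that refuses all further motion until a human calls `reset()`. The joint names, limits, and command values are all constructed for the example.

```python
"""Actuator-command guardrail: an added illustration, not Skild AI code.

Gate between a planner and the actuators. Each command is checked against a
static envelope (position and |velocity| limits per joint) and a per-step
rate-of-change anomaly detector. Any violation latches an e-stop; a latched
guardrail fails closed until reset() is called explicitly.
All joint names, limits and sample commands are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Hypothetical envelope per joint: (min position rad, max position rad, max |velocity| rad/s)
JOINT_LIMITS: Dict[str, Tuple[float, float, float]] = {
    "shoulder": (-2.0, 2.0, 1.5),
    "elbow": (-2.5, 2.5, 2.0),
    "wrist": (-3.0, 3.0, 3.0),
}


@dataclass
class JointCommand:
    t: float                   # seconds since controller start
    targets: Dict[str, float]  # commanded joint positions, radians


@dataclass
class Guardrail:
    limits: Dict[str, Tuple[float, float, float]]
    max_vel_ratio: float = 3.0          # anomaly: |velocity| jumps by more than 3x in one step
    estop: bool = False
    reason: Optional[str] = None
    log: List[str] = field(default_factory=list)
    _last: Optional[JointCommand] = field(default=None, repr=False)
    _last_vel: Dict[str, float] = field(default_factory=dict, repr=False)

    def check(self, cmd: JointCommand) -> bool:
        """Return True if cmd may be forwarded to the actuators.

        Fails closed: once the e-stop has latched, every command is refused.
        """
        if self.estop:
            self.log.append(f"t={cmd.t:.2f} REJECT e-stop latched ({self.reason})")
            return False
        if self._last is not None and cmd.t <= self._last.t:
            return self._trip(cmd, "non-monotonic timestamp (replayed or tampered command?)")
        for joint, target in cmd.targets.items():
            if joint not in self.limits:
                return self._trip(cmd, f"unknown joint {joint!r}")
            lo, hi, vmax = self.limits[joint]
            if not lo <= target <= hi:
                return self._trip(cmd, f"{joint} target {target:.2f} outside [{lo}, {hi}]")
            if self._last is None:
                continue  # first command: no velocity to evaluate yet
            dt = cmd.t - self._last.t
            vel = (target - self._last.targets.get(joint, target)) / dt
            if abs(vel) > vmax:
                return self._trip(cmd, f"{joint} velocity {vel:.2f} rad/s exceeds {vmax}")
            prev = self._last_vel.get(joint)
            if prev is not None and abs(prev) > 1e-6 and abs(vel) > self.max_vel_ratio * abs(prev):
                return self._trip(cmd, f"{joint} velocity jumped {abs(vel) / abs(prev):.1f}x in one step")
            self._last_vel[joint] = vel
        self._last = cmd
        self.log.append(f"t={cmd.t:.2f} ACCEPT")
        return True

    def _trip(self, cmd: JointCommand, why: str) -> bool:
        self.estop, self.reason = True, why
        self.log.append(f"t={cmd.t:.2f} ESTOP {why}")
        return False

    def reset(self) -> None:
        """Explicit human reset; detector history is cleared on purpose."""
        self.estop, self.reason, self._last = False, None, None
        self._last_vel = {}


def run_stream(commands: List[JointCommand], guard: Optional[Guardrail] = None) -> List[bool]:
    """Gate a whole command stream; returns the per-command accept/reject decisions."""
    guard = guard or Guardrail(JOINT_LIMITS)
    return [guard.check(c) for c in commands]


# Constructed stream: a smooth approach, then a planner glitch that asks the
# wrist to move 2.7 rad in 100 ms (27 rad/s, nine times the wrist's limit).
SAMPLE_COMMANDS = [
    JointCommand(0.0, {"shoulder": 0.00, "elbow": 0.0, "wrist": 0.0}),
    JointCommand(0.1, {"shoulder": 0.05, "elbow": 0.1, "wrist": 0.1}),
    JointCommand(0.2, {"shoulder": 0.10, "elbow": 0.2, "wrist": 0.2}),
    JointCommand(0.3, {"shoulder": 0.15, "elbow": 0.3, "wrist": 2.9}),
    JointCommand(0.4, {"shoulder": 0.20, "elbow": 0.4, "wrist": 0.3}),  # refused: e-stop latched
]

if __name__ == "__main__":
    g = Guardrail(JOINT_LIMITS)
    print(run_stream(SAMPLE_COMMANDS, g))  # [True, True, True, False, False]
    print("\n".join(g.log))
```

Two design points worth noting. The gate latches rather than merely dropping the offending command, so a planner or an attacker who keeps retrying cannot eventually slip a command through; clearing the latch is a deliberate human action. The rate-of-change detector also catches commands that stay under the hard velocity limit but change far faster than the trajectory so far, which is the shape a hijacked or hallucinated plan tends to take. A software gate like this is a detection and containment layer, not a replacement for the hardware-level safety functions that ISO 13849 expects; it should sit alongside them, not in place of them.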
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.