AgentReadyHomeAgent Listing

← Adot

Adot — agentic threat model

6.9AIVSS 6.9 · Medium

Adot presents a moderate agentic risk profile, primarily acting as an AI-driven decentralized search network where the main threat vector is the potential for poisoned search results to facilitate Web3 phishing or smart contract exploitation.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 7.5AARS uplift 0.58Factor sum 2.2/10Threat ×1.05Mitigation ×0.85
Autonomy of Action
0.20
Goal-Driven Planning
0.10
Self-Modification
0.00
Dynamic Tool Use
0.30
Persistent Memory
0.20
Contextual Awareness
0.40
Dynamic Identity
0.20
Multi-Agent Interactions
0.10
Non-Determinism
0.40
Opacity & Reflexivity
0.30

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models⚠ not certain from listing

Not certain from the listing — The specific LLMs or foundation models driving the search functionalities are not disclosed. Potential threats include prompt injection or adversarial queries designed to bypass search filters or manipulate ranking algorithms.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — While it mentions a decentralized search network and user-controlled data, the exact data pipeline, indexing methods, and vector database security are unspecified. Threats include index poisoning where malicious actors inject fraudulent Web3 data into the search index.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — The orchestration framework for translating search queries into AI-driven results is not detailed. Insecure tool integration could occur if the API allows arbitrary execution of search parameters within dApps.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — The infrastructure leverages blockchain for decentralization, but the hosting of the search nodes, API gateways, and physical servers is not described. Threats include node compromise or Sybil attacks on the decentralized network.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — There is no mention of search result validation, drift monitoring, or guardrails to prevent the retrieval of malicious or fraudulent Web3 links.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — The listing highlights privacy and user-controlled data management, but lacks details on formal compliance certifications, access control mechanisms, or cryptographic auditability of the search results.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — It is designed to integrate with dApps and developer ecosystems, but the specific trust boundaries and multi-agent interaction protocols are not defined. Threats include cascading failures if downstream dApps blindly trust search outputs.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).