
BabyVideo.ai — agentic threat model

AIVSS 6.6 · Medium

BabyVideo.ai is a low-risk, single-purpose generative AI application with minimal agentic autonomy, but it carries significant privacy risks due to the processing and storage of sensitive baby photos.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 6.1 · AARS uplift 0.55 · Factor sum 1.4/10 · Threat ×1.0 · Mitigation ×1.0

Autonomy of Action: 0.10
Goal-Driven Planning: 0.00
Self-Modification: 0.00
Dynamic Tool Use: 0.10
Persistent Memory: 0.10
Contextual Awareness: 0.10
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.60
Opacity & Reflexivity: 0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ✓ mapped

Uses multi-model routing via Replicate (likely Stable Diffusion or similar video generation models). Primary threats include adversarial inputs bypassing safety filters to generate inappropriate content of minors, and model output misalignment.

L2 · Data Operations · ✓ mapped

Processes highly sensitive user-uploaded photos of babies. Key threats include unauthorized data exfiltration of private family photos and lack of clear data retention/deletion policies.

L3 · Agent Frameworks · ✓ mapped

Minimal agentic framework or orchestration; operates as a straightforward, linear pipeline (upload -> style -> generate). Low risk of tool misuse or complex planning failures.

L4 · Deployment & Infrastructure · ✓ mapped

Web application interacting with Replicate APIs. Primary risks include exposure of Replicate API keys, insecure storage of uploaded/generated media assets, and standard web application vulnerabilities.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — no details are provided regarding content moderation guardrails, input sanitization for baby photos, or logging and drift detection for the generation pipeline.

L6 · Security & Compliance (cross-cutting) · ⚠ not certain from listing

Not certain from the listing — while Google and GitHub OAuth are used for authentication, there is no mention of compliance with child privacy regulations (such as COPPA or GDPR-K), which are highly relevant to this domain.

L7 · Agent Ecosystem · ✓ mapped

The agent operates as a standalone horizontal web application with no multi-agent interactions or marketplace integrations, resulting in zero ecosystem-level threat exposure.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).