
Brickwise — agentic threat model

AIVSS 9.1 · Critical

Alice (Brickwise) presents a moderate-to-high risk profile due to its 24/7 autonomous interaction with tenants and integration with property management systems, which could be exploited via prompt injection to trigger unauthorized maintenance dispatches or leak tenant PII.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.2 · AARS uplift 0.86 · Factor sum 4.8/10 · Threat ×1.0 · Mitigation ×1.0

Agentic risk factors:
Autonomy of Action: 0.80
Goal-Driven Planning: 0.70
Self-Modification: 0.10
Dynamic Tool Use: 0.60
Persistent Memory: 0.60
Contextual Awareness: 0.60
Dynamic Identity: 0.20
Multi-Agent Interactions: 0.10
Non-Determinism: 0.60
Opacity & Reflexivity: 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — likely utilizes commercial LLMs and voice synthesis models. Primary threats include prompt injection via tenant voice/text channels to bypass property policies or extract system instructions.

L2 · Data Operations ⚠ not certain from listing

Not certain from the listing — likely connects to a database or vector store containing tenant PII, lease agreements, and property rules. Threats include unauthorized data exfiltration of sensitive tenant details or knowledge-base poisoning.

L3 · Agent Frameworks ⚠ not certain from listing

Not certain from the listing — likely uses an orchestration framework to parse tenant requests and trigger actions. Threats include insecure tool integration where malicious inputs trigger unauthorized maintenance tickets or API calls to property management software.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — likely hosted on cloud infrastructure with integrations to telephony (e.g., Twilio) and property management APIs. Threats include exposure of API keys and lack of sandboxing for webhook execution.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — requires continuous monitoring of conversational logs and automated actions. Threats include blind spots in voice-to-text transcription logging, allowing undetected social engineering of the agent.

L6 · Security & Compliance (cross-cutting) ⚠ not certain from listing

Not certain from the listing — must adhere to tenant privacy laws (GDPR/CCPA) and fair housing regulations. Threats include lack of robust authentication, allowing unauthorized callers to masquerade as tenants or landlords.

L7 · Agent Ecosystem ⚠ not certain from listing

Not certain from the listing — likely operates as a standalone agent interacting with external APIs rather than a multi-agent ecosystem. Threats include cascading failures if downstream contractor dispatch systems are compromised.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).