AgentReady · Agent Listing


Caspa AI — agentic threat model

AIVSS 5.4 · Medium

Caspa AI is a low-risk, human-in-the-loop image generation and editing tool with minimal agentic autonomy. Its primary security risks center around data privacy of uploaded product designs and the potential generation of inappropriate or copyrighted content.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor
where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM

CVSS base: 4.3
AARS uplift: 1.08
Factor sum: 2.0 / 10
Threat multiplier (ThM): ×0.95
Mitigation factor: ×1.0

Agentic risk factors (each scored 0.0 to 1.0):
Autonomy of Action ........ 0.10
Goal-Driven Planning ...... 0.10
Self-Modification ......... 0.00
Dynamic Tool Use .......... 0.10
Persistent Memory ......... 0.20
Contextual Awareness ...... 0.30
Dynamic Identity .......... 0.00
Multi-Agent Interactions .. 0.00
Non-Determinism ........... 0.70
Opacity & Reflexivity ..... 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
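The arithmetic behind the score above, as an added example that is not part of the listing page or of the AIVSS calculator it references: a small Python implementation of the formula as printed on the page, fed with the listing's own factor values, so a reader can confirm that 4.3 plus the agentic uplift rounds to 5.4. The factor names and numbers are copied from the page; the function names, the range check on factor values, the rounding to one decimal and the CVSS-style severity bands are my own assumptions.

```python
# Added example, not the listing page's or the AIVSS calculator's own code.
# Implements AIVSS = (CVSS_Base + AARS) x Mitigation_Factor,
# with AARS = (10 - CVSS_Base) x (Factor_Sum / 10) x ThM, as printed on the page.
from typing import Dict

# Factor values copied from the Caspa AI listing (constructed table, same numbers).
CASPA_FACTORS: Dict[str, float] = {
    "Autonomy of Action": 0.10,
    "Goal-Driven Planning": 0.10,
    "Self-Modification": 0.00,
    "Dynamic Tool Use": 0.10,
    "Persistent Memory": 0.20,
    "Contextual Awareness": 0.30,
    "Dynamic Identity": 0.00,
    "Multi-Agent Interactions": 0.00,
    "Non-Determinism": 0.70,
    "Opacity & Reflexivity": 0.50,
}


def severity_band(score: float) -> str:
    """Qualitative band; assumption: the CVSS v3 bands (None/Low/Medium/High/Critical)."""
    if score == 0.0:
        return "None"
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    if score < 9.0:
        return "High"
    return "Critical"


def agentic_risk_uplift(cvss_base: float, factors: Dict[str, float], threat_multiplier: float) -> float:
    """AARS: the agentic uplift that can only raise the score towards the 10.0 ceiling."""
    for name, value in factors.items():
        # Each factor is a 0.0-1.0 weight; reject anything outside that range
        # rather than silently inflating (or deflating) the uplift.
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"factor {name!r} out of range: {value}")
    factor_sum = sum(factors.values())
    return (10.0 - cvss_base) * (factor_sum / 10.0) * threat_multiplier


def aivss_score(
    cvss_base: float,
    factors: Dict[str, float],
    threat_multiplier: float = 1.0,
    mitigation_factor: float = 1.0,
) -> Dict[str, float]:
    """Return the intermediate values alongside the rounded final score."""
    if not 0.0 <= cvss_base <= 10.0:
        raise ValueError(f"CVSS base out of range: {cvss_base}")
    aars = agentic_risk_uplift(cvss_base, factors, threat_multiplier)
    raw = (cvss_base + aars) * mitigation_factor
    score = round(raw, 1)  # assumption: the page displays one decimal
    return {
        "factor_sum": sum(factors.values()),
        "aars": aars,
        "raw": raw,
        "score": score,
        "severity": severity_band(score),
    }


if __name__ == "__main__":
    # Inputs as printed on the listing: CVSS base 4.3, ThM 0.95, mitigation 1.0.
    result = aivss_score(4.3, CASPA_FACTORS, threat_multiplier=0.95, mitigation_factor=1.0)
    for key, value in result.items():
        print(f"{key:>11}: {value}")
```

The intermediate values are returned rather than only printed so that the same function can be used to sanity-check a published score against its stated inputs; the range checks catch the most common spreadsheet mistake, a factor entered as a percentage instead of a 0-1 weight.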

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models (⚠ not certain from listing)

Not certain from the listing — likely utilizes latent diffusion models (e.g., Stable Diffusion variants) for text-to-image, in-painting, and out-painting. Primary threats include adversarial prompt injection to bypass safety filters (NSFW/copyright) and model reprogramming.

L2 · Data Operations (⚠ not certain from listing)

Not certain from the listing — processes user-uploaded product photos and brand assets. Key risks include data exfiltration of unreleased product designs and potential data poisoning if user uploads are ingested for model fine-tuning.

L3 · Agent Frameworks (⚠ not certain from listing)

Not certain from the listing — does not appear to use a complex agentic orchestration framework, operating instead as a standard web application with model endpoints. Threats of tool misuse are low due to the lack of autonomous tool-calling capabilities.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing — likely hosted on cloud GPU infrastructure. Threats include standard web application vulnerabilities (OWASP Top 10) and unauthorized access to cloud storage buckets containing user-generated images.

L5 · Evaluation & Observability (⚠ not certain from listing)

Not certain from the listing — requires input/output guardrails to prevent the generation of offensive, deepfake, or copyrighted imagery, as well as monitoring for abuse of the freemium tier.

L6 · Security & Compliance (cross-cutting) (⚠ not certain from listing)

Not certain from the listing — needs robust access controls (AuthN/AuthZ) to protect user accounts, billing information, and proprietary brand assets, especially given its e-commerce focus.

L7 · Agent Ecosystem (⚠ not certain from listing)

Not certain from the listing — operates as a standalone vertical SaaS tool with no described multi-agent or marketplace integrations, making ecosystem-level threats negligible.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).