Fabrile — agentic threat model

AIVSS 9.6 · Critical

Fabrile acts as a high-risk integration hub, connecting LLM agents directly to sensitive communication channels (Slack, WhatsApp) and enterprise data repositories (Google Drive). A compromise of this platform could lead to widespread data exfiltration, automated phishing, and unauthorized file manipulation across an organization's workspace.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM

CVSS base 8.5 · AARS uplift 1.07 · Factor sum 6.5/10 · Threat ×1.1 · Mitigation ×1.0

Agentic risk factors:
Autonomy of Action: 0.80
Goal-Driven Planning: 0.70
Self-Modification: 0.20
Dynamic Tool Use: 0.90
Persistent Memory: 0.60
Contextual Awareness: 0.80
Dynamic Identity: 0.60
Multi-Agent Interactions: 0.50
Non-Determinism: 0.70
Opacity & Reflexivity: 0.70

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The specific foundation models used by Fabrile are not disclosed. Standard LLM risks such as prompt injection and adversarial manipulation remain highly relevant given the natural language interfaces of Slack and WhatsApp.

L2 · Data Operations · ✓ mapped

Fabrile features RAG syncing and Google Drive connectivity. This introduces significant risks of data poisoning (injecting malicious instructions into synced documents) and unauthorized data exfiltration if the agent is manipulated into reading and leaking sensitive files.

L3 · Agent Frameworks · ✓ mapped

As an agent builder with Slack and WhatsApp connectivity, the framework must securely manage tool execution. Insecure tool integration could allow an attacker to hijack the agent's messaging capabilities to send unauthorized communications or execute malicious commands.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — The deployment architecture, hosting environment, and sandboxing mechanisms for executing agent workflows are not specified in the public directory listing.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — There is no mention of built-in guardrails, evaluation frameworks, or observability logging to detect anomalous agent behavior or prompt injection attempts.

L6 · Security & Compliance (cross-cutting) · ⚠ not certain from listing

Not certain from the listing — Although it is a paid, closed-source platform, the listing does not detail specific compliance certifications (e.g., SOC2, ISO 27001) or enterprise access control policies.

L7 · Agent Ecosystem · ✓ mapped

As an AI agent builder platform, Fabrile likely supports the creation of multiple agents. This introduces ecosystem risks where a compromise of one agent or integration (e.g., Slack) could cascade to other connected services (e.g., Google Drive) through shared platform trust.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).