Gmath AI — agentic threat model
Gmath AI is a low-risk, single-purpose utility agent focused on math problem solving and OCR. Its primary security risks are limited to standard web application vulnerabilities (such as malicious file uploads) and prompt injection via adversarial handwritten inputs; the agentic threat surface is minimal because the agent has no system write access and no tool autonomy.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.10 |
| Goal-Driven Planning | 0.20 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.20 |
| Persistent Memory | 0.10 |
| Contextual Awareness | 0.20 |
| Dynamic Identity | 0.00 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.30 |
| Opacity & Reflexivity | 0.30 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from the listing” are general, caveated commentary for layers where the public description gave no specifics.
Layer 1, Foundation Models: Not certain from the listing; likely utilizes a multimodal foundation model for OCR and math reasoning. Vulnerable to adversarial math images (adversarial examples) or prompt injection embedded within handwritten text.
Layer 2, Data Operations: Not certain from the listing; processes user-uploaded images and text queries. Risks include data leakage if uploaded images contain sensitive personal information, and lack of clarity on whether user uploads are stored or used for downstream model training.
Layer 3, Agent Frameworks: Not certain from the listing; likely uses a basic wrapper or simple orchestration framework to sequence OCR and LLM generation. Low risk of tool misuse unless an unmentioned code execution environment (such as a Python REPL) is used to verify math.
Layer 4, Deployment and Infrastructure: Not certain from the listing; hosted as a web application. Standard web vulnerabilities apply, such as denial of service (DoS) via large image uploads or server-side request forgery (SSRF) if the image processing pipeline is insecure.
Layer 5, Evaluation and Observability: Not certain from the listing; no mention of guardrails, output validation, or drift monitoring for math accuracy or prompt injection detection.
Layer 6, Security and Compliance: Not certain from the listing; open-source and freemium model, but the description lacks explicit compliance certifications (e.g., SOC 2, GDPR) or robust identity and access management controls.
Layer 7, Agent Ecosystem: No multi-agent interactions or marketplace integrations are described; the agent operates as a standalone single-user utility, minimizing ecosystem risks.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).