Inferable — agentic threat model

AIVSS 6.4 · Medium

Inferable presents a moderate-to-high agentic risk due to its powerful distributed tool-calling capabilities across private networks, but this is heavily counterbalanced by strong architectural mitigations including on-premise execution, no inbound connections, and built-in observability.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.5 · AARS uplift 0.68 · Factor sum 4.5/10 · Threat ×1.0 · Mitigation ×0.7

Agentic risk factors:
Autonomy of Action: 0.60
Goal-Driven Planning: 0.50
Self-Modification: 0.10
Dynamic Tool Use: 0.80
Persistent Memory: 0.30
Contextual Awareness: 0.50
Dynamic Identity: 0.40
Multi-Agent Interactions: 0.30
Non-Determinism: 0.60
Opacity & Reflexivity: 0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — Inferable acts as a control plane and runtime orchestrator but does not specify native foundation models, meaning model-level threats (poisoning, alignment) depend entirely on the external LLMs integrated by the developer.

L2 · Data Operations · ⚠ not certain from listing

Not certain from the listing — While the platform guarantees that sensitive data remains within the user's infrastructure, specific details regarding vector database integrations, RAG pipelines, or data lineage controls are not explicitly defined.

L3 · Agent Frameworks · ✓ mapped

Inferable's core value proposition is its distributed tool calling architecture. This introduces significant risks of tool misuse, injection attacks via tool arguments, and orchestration vulnerabilities, though separating runtime from execution helps isolate failures.

L4 · Deployment & Infrastructure · ✓ mapped

Strong security posture at this layer due to on-premise execution and private networking requiring no inbound connections. This significantly reduces the external attack surface and mitigates lateral movement risks from external actors.

L5 · Evaluation & Observability · ✓ mapped

Features built-in observability and monitoring tools, which directly address the threat of logging gaps and blind spots, enabling developers to audit tool execution and detect anomalous agent behavior in real time.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

Addresses compliance and data privacy through Sentinel integration (Enterprise tier) and on-premise data residency, allowing organizations to maintain strict governance over LLM interactions.

L7 · Agent Ecosystem · ⚠ not certain from listing

Not certain from the listing — The platform focuses on developer-defined tool calling and execution rather than an open multi-agent ecosystem or marketplace, meaning cascading agent-to-agent trust threats are minimal unless custom-built by the developer.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).