last30days — agentic threat model

AIVSS 8.7 · High

The 'last30days' agent presents a high-risk profile due to its execution of bundled Bash scripts and file operations combined with ingestion of untrusted data from eight external web sources, creating a strong vector for indirect prompt injection and remote code execution.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 8.1 · AARS uplift 0.62 · Factor sum 3.1/10 · Threat ×1.05 · Mitigation ×1.0

Agentic risk factors:
Autonomy of Action: 0.40
Goal-Driven Planning: 0.30
Self-Modification: 0.00
Dynamic Tool Use: 0.70
Persistent Memory: 0.10
Contextual Awareness: 0.60
Dynamic Identity: 0.20
Multi-Agent Interactions: 0.00
Non-Determinism: 0.50
Opacity & Reflexivity: 0.30

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — the description does not specify the underlying foundation LLM used to drive the skill, leaving threats like model reprogramming or adversarial vulnerability unquantified.

L2 · Data Operations · ✓ mapped

Aggregates data from 8 external social and web sources (Reddit, X, YouTube, TikTok, Hacker News, Polymarket, GitHub, and general web). This creates an extremely high surface area for data poisoning and indirect prompt injection via untrusted user-generated content.

L3 · Agent Frameworks · ✓ mapped

Orchestrates via bundled Bash scripts and a WebSearch pipeline. This introduces severe risks of command injection and tool misuse if untrusted inputs from the web are passed unsanitized into the Bash execution environment.

L4 · Deployment & Infrastructure · ✓ mapped

Executes local scripts, reads/writes files, and makes outbound web/API calls. The listing mentions no explicit sandboxing or containerization, so this poses a direct threat of host compromise, local file disclosure, and lateral network movement.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — there is no mention of logging, guardrails, output sanitization, or observability mechanisms to detect anomalous script execution or malicious payloads.

L6 · Security & Compliance (cross-cutting) · ⚠ not certain from listing

Not certain from the listing — as a free, open-source skill, there are no documented access controls, authentication mechanisms, or compliance alignments (e.g., NIST, ISO) provided.

L7 · Agent Ecosystem · ⚠ not certain from listing

Not certain from the listing — the agent is described as a standalone user-invocable skill with no explicit multi-agent coordination or ecosystem marketplace trust boundaries defined.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).