Litero AI — agentic threat model
Litero AI is a low-risk academic writing assistant with limited autonomy, primarily posing data privacy and intellectual property risks through PDF ingestion and web-based research capabilities.
OWASP AIVSS score rationale
| Agentic risk factor | Score | Rationale |
|---|---|---|
| Autonomy of Action | 0.20 | |
| Goal-Driven Planning | 0.30 | |
| Self-Modification | 0.00 | |
| Dynamic Tool Use | 0.40 | |
| Persistent Memory | 0.20 | |
| Contextual Awareness | 0.40 | |
| Dynamic Identity | 0.00 | |
| Multi-Agent Interactions | 0.00 | |
| Non-Determinism | 0.50 | |
| Opacity & Reflexivity | 0.30 | |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from the listing” carry general, caveated commentary where the public description did not pin down that layer.
Layer 1 (Foundation Models): Not certain from the listing — likely utilizes third-party commercial LLMs for text generation and paraphrasing. Key threats include prompt injection to bypass safety filters or generate academic misconduct material, and model misalignment leading to hallucinated citations despite claims of accuracy.
Layer 2 (Data Operations): Processes user-uploaded PDFs ('ask your PDF') and retrieves data from academic libraries and online sources. This introduces risks of malicious PDF uploads exploiting parser vulnerabilities, data exfiltration of unpublished research, and indirect prompt injection via poisoned academic sources or web search results.
Layer 3 (Agent Frameworks): Not certain from the listing — likely employs a proprietary RAG and orchestration framework to coordinate PDF querying and web search. Threats include insecure tool integration, such as Server-Side Request Forgery (SSRF) during online research, and prompt injection manipulating the citation generation logic.
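As an added defender-side example (not code from the Litero AI product or its vendor), one way to narrow the SSRF exposure of a web-research tool: vet every outbound URL before fetching, rejecting non-HTTP schemes, embedded credentials, and any host that resolves to a non-public address. The hostnames and DNS answers below are constructed so the check runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Constructed DNS answers for the example; production code would pass
# system_resolve() (or the fetch client's own resolver) instead.
FAKE_DNS = {
    "journal.example.org": ["93.184.216.34"],      # public, allowed
    "link-local.example": ["169.254.169.254"],     # link-local, blocked
    "intranet.example.org": ["10.0.0.5"],          # RFC 1918, blocked
}


def fake_resolve(host):
    return FAKE_DNS.get(host, [])


def system_resolve(host):
    # Return every A/AAAA answer; the caller rejects the host if ANY is non-public.
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def check_research_url(url, resolve=fake_resolve):
    """Return (allowed, reason) for a URL the research tool wants to fetch."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parts.scheme!r}"
    host = parts.hostname
    if not host:
        return False, "no hostname in URL"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    # A literal IP skips DNS but still goes through the range check.
    try:
        addrs = [str(ipaddress.ip_address(host))]
    except ValueError:
        addrs = resolve(host)
    if not addrs:
        return False, f"unresolvable host: {host}"
    for addr in addrs:
        # is_global is False for private, loopback, link-local, reserved
        # and documentation ranges in both IPv4 and IPv6.
        if not ipaddress.ip_address(addr).is_global:
            return False, f"{host} resolves to non-public address {addr}"
    # To defeat DNS rebinding, the fetch should connect to one of the vetted
    # addresses rather than resolving the hostname a second time.
    return True, "ok"
```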
Layer 4 (Deployment & Infrastructure): Not certain from the listing — deployed as a closed-source SaaS platform. Primary threats include inadequate sandboxing of the PDF parsing environment, exposing the host to remote code execution, and insecure storage of user-uploaded manuscripts.
Layer 5 (Evaluation & Observability): Not certain from the listing — no explicit mention of security guardrails, logging, or drift monitoring. The 'AI detector & humanizer' feature suggests a focus on output styling rather than safety monitoring, leaving potential blind spots for abusive or malicious prompt patterns.
Layer 6 (Security & Compliance): Not certain from the listing — likely relies on standard SaaS user authentication. Compliance risks center on intellectual property ownership of AI-generated academic work, plagiarism detection evasion, and GDPR/CCPA compliance regarding uploaded research data.
Layer 7 (Agent Ecosystem): Operates as a standalone, single-agent writing assistant with no multi-agent or marketplace interactions described. Ecosystem threats are minimal, restricted to potential future integrations with third-party reference managers or academic databases.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).