Makeform AI — agentic threat model
Makeform AI presents a moderate risk profile; while primarily a productivity tool for form generation, its capability to construct automated workflows introduces potential vectors for data exfiltration, phishing generation, and insecure third-party integrations if compromised.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.40 |
| Goal-Driven Planning | 0.50 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.50 |
| Persistent Memory | 0.30 |
| Contextual Awareness | 0.40 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.10 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.40 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1 (Foundation Models): Not certain from the listing — Likely relies on commercial LLMs to translate user prompts into form schemas. Risks include prompt injection that could force the model to generate phishing forms or embed malicious scripts into the form structure.
Layer 2 (Data Operations): Not certain from the listing — Handles user-defined form schemas and potentially collected form submission data. Risks include data exfiltration of sensitive form submissions and potential training data poisoning if user inputs are used to train future form-generation models.
Layer 3 (Agent Frameworks): Not certain from the listing — Orchestrates the generation of form fields and workflow logic. Risks include insecure tool integration if the framework automatically connects generated forms to external databases or APIs without strict validation.
Layer 4 (Deployment and Infrastructure): Not certain from the listing — Hosted as a closed-source SaaS platform. Risks include infrastructure compromise leading to unauthorized access to hosted forms and the databases storing user form submissions.
Layer 5 (Evaluation and Observability): Not certain from the listing — No details on guardrails to prevent the generation of deceptive (phishing) forms. Risks include a lack of real-time monitoring to detect when the AI is being abused to generate malicious data-gathering interfaces.
Layer 6 (Security and Compliance): Not certain from the listing — No explicit mention of compliance standards (e.g., GDPR, HIPAA), which are critical for forms collecting personally identifiable information (PII). Risks include regulatory non-compliance and weak access controls over form data.
Layer 7 (Agent Ecosystem): Not certain from the listing — The mention of 'workflows' implies integration with external ecosystems (e.g., webhooks, email services). Risks include cascading failures or unauthorized data transmission if downstream workflow integrations are hijacked.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).