Oh My Guests — agentic threat model
Oh My Guests presents a moderate risk profile primarily due to its direct interaction with the public telephony network and handling of guest PII, which could be leveraged for vishing, social engineering, or data exfiltration if compromised.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
|---|---|
| Autonomy of Action | 0.80 |
| Goal-Driven Planning | 0.40 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.50 |
| Persistent Memory | 0.50 |
| Contextual Awareness | 0.30 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.40 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “Not certain from the listing” carry general, caveated commentary where the public description did not pin that layer down.
Layer 1 (Foundation Models). Not certain from the listing — likely utilizes a pipeline of speech-to-text, LLM, and text-to-speech. Primary threats include voice-based prompt injection (jailbreaking the agent over the phone) and output misalignment, causing the agent to make inappropriate statements to guests.
Layer 2 (Data Operations). Not certain from the listing — manages guest lists containing names, phone numbers, and RSVP statuses. Threats include unauthorized access to this PII, data exfiltration, and database poisoning to alter RSVP records.
Layer 3 (Agent Frameworks). Not certain from the listing — orchestrates call flows and state transitions (e.g., handling busy signals, voicemails, or live answers). Threats include state-machine bypasses and manipulation of the dialing tool to call unauthorized or premium-rate numbers.
Layer 4 (Deployment & Infrastructure). Not certain from the listing — relies on telephony infrastructure (e.g., Twilio) and web servers. Vulnerabilities include SIP trunk hijacking, exposure of telephony API keys, and insecure webhook endpoints handling call status updates.
Layer 5 (Evaluation & Observability). Not certain from the listing — features a 'Listen calls' capability, which indicates call recording and logging. Gaps may exist in real-time guardrails to detect and terminate calls where the agent is being manipulated or verbally abused.
Layer 6 (Security & Compliance). Not certain from the listing — processes PII and records voice calls. Compliance risks include TCPA (Telephone Consumer Protection Act) violations, lack of explicit recording consent (GDPR/wiretapping laws), and insufficient access controls for the wedding hosts.
Layer 7 (Agent Ecosystem). Not certain from the listing — operates primarily as a standalone vertical agent. Ecosystem risks are low, though potential future integrations with wedding registries or planning platforms could introduce API-based trust boundaries.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
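Two of the controls the Layer 3 and Layer 4 findings call for, written here as an added illustration (not code from Oh My Guests or its vendor): authenticating call-status webhooks before trusting them, and gating the dialing tool so it can only reach numbers on the host's guest list. The signature check follows the HMAC-SHA1 request-validation scheme Twilio documents for its X-Twilio-Signature header; the auth token, webhook URL, blocked prefixes and guest numbers are constructed sample values.

```python
import base64
import hashlib
import hmac
import re

# Constructed sample values; a real deployment loads the token from a secret store.
AUTH_TOKEN = "example-auth-token-not-real"
WEBHOOK_URL = "https://example.invalid/call-status"

# Illustrative premium-rate prefixes the dialer must never call (constructed list).
BLOCKED_PREFIXES = ("+1900", "+44909", "+4487")

E164 = re.compile(r"^\+[1-9]\d{6,14}$")


def compute_signature(url: str, params: dict, auth_token: str) -> str:
    """HMAC-SHA1 over the full URL plus sorted POST params, base64-encoded."""
    payload = url + "".join(k + v for k, v in sorted(params.items()))
    digest = hmac.new(auth_token.encode(), payload.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def verify_webhook(url: str, params: dict, presented: str, auth_token: str = AUTH_TOKEN) -> bool:
    """Accept a call-status callback only if its signature matches (constant-time compare)."""
    expected = compute_signature(url, params, auth_token)
    return hmac.compare_digest(expected, presented or "")


def authorize_dial(number: str, guest_numbers: set) -> tuple:
    """Allow an outbound call only to a well-formed E.164 number that is on the guest list
    and not a blocked premium-rate prefix. Returns (allowed, reason)."""
    if not E164.match(number):
        return False, "not E.164"
    if number.startswith(BLOCKED_PREFIXES):
        return False, "premium-rate prefix blocked"
    if number not in guest_numbers:
        return False, "not on guest list"
    return True, "ok"
```

A tampered callback (status changed from "completed" to "failed") fails verification because the signature covers every POST parameter, and the dial guard refuses any number the host did not load into the guest list.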