AgentReadyHomeAgent Listing

← OmniHuman Avatars

OmniHuman Avatars — agentic threat model

6.0AIVSS 6.0 · Medium

OmniHuman Avatars is a generative AI video tool with minimal agentic capabilities, presenting low risk of autonomous action but high potential for abuse in creating unauthorized deepfakes, social engineering assets, or misinformation due to a lack of built-in consent verification.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 5.5AARS uplift 0.5Factor sum 1.1/10Threat ×1.0Mitigation ×1.0
Autonomy of Action
0.10
Goal-Driven Planning
0.00
Self-Modification
0.00
Dynamic Tool Use
0.00
Persistent Memory
0.00
Contextual Awareness
0.10
Dynamic Identity
0.00
Multi-Agent Interactions
0.00
Non-Determinism
0.40
Opacity & Reflexivity
0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models✓ mapped

Uses specialized vision-audio-to-video foundation models. Primary threats include adversarial inputs designed to bypass safety filters, model extraction/stealing, and the generation of misaligned or harmful synthetic media.

L2 · Data Operations⚠ not certain from listing

Not certain from the listing — details about training data curation, consent, and storage are omitted. Potential threats include training data poisoning (biasing facial/voice synthesis) and intellectual property/copyright disputes over training sets.

L3 · Agent Frameworks⚠ not certain from listing

Not certain from the listing — the system appears to function as a direct pipeline rather than an agentic framework. If orchestration code exists, threats are limited to input validation failures in the file processing pipeline.

L4 · Deployment & Infrastructure⚠ not certain from listing

Not certain from the listing — deployment is likely self-hosted or local given its open-source nature. Key infrastructure threats include GPU resource exhaustion (Denial of Service) during heavy video rendering tasks.

L5 · Evaluation & Observability⚠ not certain from listing

Not certain from the listing — there is no mention of built-in guardrails, output monitoring, or automated deepfake detection/watermarking to prevent the generation of malicious content.

L6 · Security & Compliance (cross-cutting)⚠ not certain from listing

Not certain from the listing — compliance with synthetic media regulations (such as the EU AI Act's transparency obligations for deepfakes) is unaddressed, and there are no apparent identity or consent verification controls for uploaded photos/voices.

L7 · Agent Ecosystem⚠ not certain from listing

Not certain from the listing — the tool operates as a standalone horizontal utility with no described multi-agent interactions or ecosystem marketplace integrations.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).