
PolyAI agent — agentic threat model

AIVSS 5.6 · Medium

PolyAI presents a moderate-to-high agentic risk due to its deep integration into enterprise systems via universal APIs and its public-facing voice interface, though this is heavily mitigated by an exceptionally robust compliance and security certification posture.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 8.5
AARS uplift: 0.78
Factor sum: 5.2/10
Threat multiplier (ThM): ×1.0
Mitigation factor: ×0.6

Agentic risk factors (each scored 0.0–1.0):
Autonomy of Action: 0.70
Goal-Driven Planning: 0.60
Self-Modification: 0.10
Dynamic Tool Use: 0.70
Persistent Memory: 0.50
Contextual Awareness: 0.80
Dynamic Identity: 0.30
Multi-Agent Interactions: 0.40
Non-Determinism: 0.60
Opacity & Reflexivity: 0.50

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
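The score rationale above, carried through in code as an added example (not the listing's or OWASP's own calculator): it reproduces the 0.78 uplift and the 5.6 result from the page's inputs, and also shows what the same agent would score without the ×0.6 mitigation factor. The severity bands are an assumption (CVSS v3 qualitative scale) and the factor dictionary restates the page's values.

```python
"""Worked AIVSS computation for the PolyAI listing. Formula as given on the page:
    AIVSS = (CVSS_Base + AARS) * Mitigation_Factor
    AARS  = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM
"""

# Agentic risk factors as scored on the listing (each in 0.0..1.0).
POLYAI_FACTORS = {
    "Autonomy of Action": 0.70,
    "Goal-Driven Planning": 0.60,
    "Self-Modification": 0.10,
    "Dynamic Tool Use": 0.70,
    "Persistent Memory": 0.50,
    "Contextual Awareness": 0.80,
    "Dynamic Identity": 0.30,
    "Multi-Agent Interactions": 0.40,
    "Non-Determinism": 0.60,
    "Opacity & Reflexivity": 0.50,
}

def aars(cvss_base, factors, threat_multiplier=1.0):
    """Agentic AI Risk Score: the headroom above the CVSS base, scaled by the factor sum."""
    if not 0.0 <= cvss_base <= 10.0:
        raise ValueError("CVSS base must be within 0..10")
    factor_sum = sum(factors.values())
    if not 0.0 <= factor_sum <= 10.0:
        raise ValueError("factor sum must be within 0..10 (ten factors, each 0..1)")
    return (10.0 - cvss_base) * (factor_sum / 10.0) * threat_multiplier

def aivss(cvss_base, factors, threat_multiplier=1.0, mitigation_factor=1.0):
    """Final AIVSS score, capped at 10 and rounded to one decimal as displayed on the listing."""
    raw = (cvss_base + aars(cvss_base, factors, threat_multiplier)) * mitigation_factor
    return round(min(raw, 10.0), 1)

def severity(score):
    """Qualitative band; assumed to follow the CVSS v3 scale (not stated on the page)."""
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    if score < 9.0:
        return "High"
    return "Critical"

if __name__ == "__main__":
    base = 8.5
    print(f"AARS uplift: {aars(base, POLYAI_FACTORS):.2f}")
    mitigated = aivss(base, POLYAI_FACTORS, 1.0, 0.6)
    print(f"With mitigation x0.6: {mitigated} ({severity(mitigated)})")
    unmitigated = aivss(base, POLYAI_FACTORS, 1.0, 1.0)
    print(f"Without mitigation:   {unmitigated} ({severity(unmitigated)})")
```

Run stand-alone it prints the listing's 5.6 (Medium) beside the 9.3 (Critical) the same inputs yield when the compliance-driven mitigation factor is removed, which is what the summary means by "heavily mitigated".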

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models (✓ mapped)

Uses proprietary foundational models for speech-to-text, LLMs, and text-to-speech. Threats include adversarial audio injections, model stealing of proprietary weights, and voice-based prompt injection leading to misaligned outputs.

L2 · Data Operations (⚠ not certain from listing)

Not certain from the listing — likely processes customer interaction data and integrates with enterprise databases via APIs, posing risks of data exfiltration, unauthorized access to sensitive customer records, or training data poisoning if customer interactions are used for continuous fine-tuning.

L3 · Agent Frameworks (✓ mapped)

Orchestrated via 'Agent Studio' with universal API integrations. Threats include insecure tool integration, API key exposure, and unauthorized action execution via voice-driven tool calling.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing — enterprise voice deployment implies cloud hosting (SaaS) with API endpoints, requiring robust secrets management for universal integrations and protection against container/host compromise.

L5 · Evaluation & Observability (✓ mapped)

Features robust analytics capabilities to power business decisions. Threats include blind spots in conversational logging, insufficient detection of adversarial voice inputs, and evaluation gaming during agent testing in Agent Studio.

L6 · Security & Compliance (cross-cutting) (✓ mapped)

Highly robust security posture with extensive compliance certifications including HIPAA, ISO 27001, SOC 2, GDPR, PCI DSS, FSQS, and CyberEssentials Plus, mitigating risks of unauthorized data access and regulatory non-compliance.

L7 · Agent Ecosystem (⚠ not certain from listing)

Not certain from the listing — primarily functions as a direct enterprise-to-customer voice agent, but universal API integrations could expose it to cascading failures if integrated with other external agents or APIs.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).