
ShortGPT — agentic threat model

AIVSS 8.6 · High

ShortGPT is an open-source video automation framework with moderate agentic risk, primarily stemming from automated internet asset sourcing and local execution of video editing tools, which could be exploited via prompt injection or malicious assets to compromise the host system or leak API keys.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 7.8
AARS uplift: 0.79
Factor sum: 3.6/10
Threat multiplier (ThM): ×1.0
Mitigation factor: ×1.0

Agentic risk factors (each scored 0.0 to 1.0):
Autonomy of Action: 0.50
Goal-Driven Planning: 0.60
Self-Modification: 0.10
Dynamic Tool Use: 0.50
Persistent Memory: 0.20
Contextual Awareness: 0.40
Dynamic Identity: 0.10
Multi-Agent Interactions: 0.10
Non-Determinism: 0.70
Opacity & Reflexivity: 0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
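The formula above carried through with the factor values from this listing, as an added worked example (not part of the original page and not an official AIVSS calculator): it reproduces the 0.79 uplift and the 8.6 score, and it rejects factor values outside the 0 to 1 range the table uses. The function names and the range checks are this example's own choices.

```python
"""Worked AIVSS computation using the factor table shown on this page."""

# Agentic risk factors for ShortGPT, copied from the listing above.
SHORTGPT_FACTORS = {
    "Autonomy of Action": 0.50,
    "Goal-Driven Planning": 0.60,
    "Self-Modification": 0.10,
    "Dynamic Tool Use": 0.50,
    "Persistent Memory": 0.20,
    "Contextual Awareness": 0.40,
    "Dynamic Identity": 0.10,
    "Multi-Agent Interactions": 0.10,
    "Non-Determinism": 0.70,
    "Opacity & Reflexivity": 0.40,
}

SHORTGPT_CVSS_BASE = 7.8


def aars(cvss_base, factors, threat_multiplier=1.0):
    """AARS = (10 - CVSS_Base) * (Factor_Sum / 10) * ThM.

    The uplift can only fill the headroom between the CVSS base and 10,
    scaled by how agentic the system is (Factor_Sum / 10).
    Range checks are this example's assumption about valid inputs.
    """
    if not 0.0 <= cvss_base <= 10.0:
        raise ValueError(f"CVSS base out of range [0, 10]: {cvss_base}")
    if len(factors) != 10:
        raise ValueError("the AIVSS factor table has exactly ten entries")
    for name, value in factors.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"factor {name!r} out of range [0, 1]: {value}")
    factor_sum = sum(factors.values())
    return (10.0 - cvss_base) * (factor_sum / 10.0) * threat_multiplier


def aivss(cvss_base, factors, threat_multiplier=1.0, mitigation_factor=1.0):
    """AIVSS = (CVSS_Base + AARS) * Mitigation_Factor.

    A mitigation factor of 1.0 (as on this page) gives no credit for
    deployed controls; a smaller factor scales the whole score down.
    """
    uplift = aars(cvss_base, factors, threat_multiplier)
    return (cvss_base + uplift) * mitigation_factor


if __name__ == "__main__":
    uplift = aars(SHORTGPT_CVSS_BASE, SHORTGPT_FACTORS)
    score = aivss(SHORTGPT_CVSS_BASE, SHORTGPT_FACTORS)
    print(f"factor sum = {sum(SHORTGPT_FACTORS.values()):.1f}/10")
    print(f"AARS       = {uplift:.2f}")
    print(f"AIVSS      = {score:.1f}")
```

Two things worth noticing in the arithmetic: because the uplift is bounded by (10 − CVSS_Base), a vulnerability that is already near 10 on the CVSS scale gains almost nothing from the agentic factors, and the score only moves down when the mitigation factor is set below 1.0, which this listing does not do.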

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ⚠ not certain from listing

Not certain from the listing — The specific LLMs and voice synthesis models used are not detailed, but they are susceptible to prompt injection that could force the generation of inappropriate, copyrighted, or malicious scripts and voiceovers.

L2 · Data Operations · ⚠ not certain from listing

Not certain from the listing — The mechanism for caching or storing sourced assets is unspecified. However, automated asset sourcing from the internet introduces risks of data poisoning or downloading malicious media payloads.

L3 · Agent Frameworks · ✓ mapped

The Python framework orchestrates planning, asset sourcing, and video editing. A key threat is insecure tool integration: values that originate from untrusted LLM output (captions, titles, file names for sourced assets) can end up in command-line arguments for video editing tools such as FFmpeg. If those arguments are assembled as a shell string, this is local command injection on the host; even without a shell, an attacker-chosen path can escape the working directory or be parsed by FFmpeg as an option.
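The L3 threat written out as code, as an added example that is not ShortGPT's own code: the vulnerable pattern (an LLM-influenced caption interpolated into a shell string) next to a hardened builder that confines paths to one directory, passes an argv list with no shell, and escapes the caption before it reaches the drawtext filter. The work directory, the function names, the allowed extensions, and the conservative escaping rule are assumptions made for this example; FFmpeg's own `-y`, `-nostdin`, `-i`, `-vf` and `drawtext` are real options.

```python
"""Vulnerable vs. hardened construction of an ffmpeg invocation from LLM-influenced values."""
import subprocess
from pathlib import Path

# Assumption for this example: every asset and output lives under one directory.
WORKDIR = Path("/tmp/shortgpt_work").resolve()
ALLOWED_SUFFIXES = {".mp4", ".mov", ".mp3", ".wav", ".png", ".jpg"}


def unsafe_ffmpeg_command(asset, caption, output):
    """Vulnerable pattern: string interpolation into a command meant for shell=True.

    A caption such as  "; rm -rf ~; echo "  closes the quoted -vf argument and
    hands the rest of the line to the shell. This function only builds the string.
    """
    return f'ffmpeg -y -i "{asset}" -vf "drawtext=text=\'{caption}\'" "{output}"'


# Characters that carry meaning inside an ffmpeg filter argument. This is a
# conservative backslash-escaping rule chosen for this example; for fully
# arbitrary text, writing it to a file you control and using drawtext's
# textfile= option avoids filter-syntax escaping altogether.
_DRAWTEXT_SPECIALS = set("\\':,;[]%")


def escape_drawtext(text):
    """Backslash-escape filter-syntax characters in model-generated caption text."""
    return "".join("\\" + ch if ch in _DRAWTEXT_SPECIALS else ch for ch in text)


def safe_asset_path(candidate):
    """Resolve a sourced or model-supplied path and confine it to WORKDIR.

    Returning an absolute path also means the value can never start with '-'
    and be mistaken for an ffmpeg option.
    """
    resolved = (WORKDIR / candidate).resolve()
    if resolved == WORKDIR or WORKDIR not in resolved.parents:
        raise ValueError(f"path escapes the work directory: {candidate!r}")
    if resolved.suffix.lower() not in ALLOWED_SUFFIXES:
        raise ValueError(f"unexpected media extension: {resolved.suffix!r}")
    return resolved


def build_ffmpeg_argv(asset, caption, output):
    """Hardened form: argv list (no shell), confined absolute paths, escaped filter text."""
    src = safe_asset_path(asset)
    dst = safe_asset_path(output)
    vf = f"drawtext=text='{escape_drawtext(caption)}':x=10:y=10"
    return ["ffmpeg", "-y", "-nostdin", "-i", str(src), "-vf", vf, str(dst)]


def run_ffmpeg(argv, timeout=600):
    """Execute without a shell; the timeout bounds a hostile asset that makes ffmpeg spin."""
    return subprocess.run(argv, shell=False, check=True, capture_output=True, timeout=timeout)


if __name__ == "__main__":
    injected = '"; rm -rf ~; echo "'   # constructed attacker-controlled caption
    print("unsafe:", unsafe_ffmpeg_command("clip.mp4", injected, "out.mp4"))
    print("safe:  ", build_ffmpeg_argv("clip.mp4", injected, "out.mp4"))
```

The argv list is the important part: with `shell=False` the caption is one argument however many quotes or semicolons it contains, so the remaining exposure is limited to what FFmpeg itself does with the filter string and the input file, which is why the escaping, the extension allowlist and the timeout are still there.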

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — The deployment environment (local, Docker, or cloud) is up to the user. The primary threat is the exposure of sensitive API keys (e.g., LLM providers, TTS engines) stored in local environment files.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — There is no mention of built-in guardrails, content moderation, or observability logging to detect and block the generation of harmful or copyrighted content before compilation.

L6 · Security & Compliance (cross-cutting) · ✓ mapped

As an open-source framework, there are no native identity, authorization, or compliance controls. Security responsibility is entirely shifted to the end-user deploying the code.

L7 · Agent Ecosystem · ✓ mapped

ShortGPT operates as a standalone content generation tool and does not natively interact with a multi-agent ecosystem or external agent marketplaces, minimizing agent-to-agent trust threats.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).