Tonkean — agentic threat model

AIVSS 8.0 · High

Tonkean presents a high agentic risk profile due to its deep integration with core enterprise systems (legal, procurement, IT) and its multi-agent orchestration capabilities. While its emphasis on process governance and visibility mitigates some risk, a compromise could lead to significant unauthorized enterprise actions and data exfiltration.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base: 8.5
AARS uplift: 0.94
Factor sum: 6.0/10
Threat: ×1.05
Mitigation: ×0.85

Autonomy of Action: 0.80
Goal-Driven Planning: 0.70
Self-Modification: 0.20
Dynamic Tool Use: 0.80
Persistent Memory: 0.60
Contextual Awareness: 0.70
Dynamic Identity: 0.50
Multi-Agent Interactions: 0.80
Non-Determinism: 0.50
Opacity & Reflexivity: 0.40

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing: Tonkean is closed source and does not specify which foundation LLMs it uses for triaging and guiding users, so its exposure to model-specific vulnerabilities such as adversarial prompt injection or misaligned outputs is unquantified.

L2 · Data Operations ⚠ not certain from listing

Not certain from the listing — While the platform connects to core enterprise systems and forms to ingest data, the specific data operations, vector database usage, RAG architecture, and data sanitization practices are not disclosed.

L3 · Agent Frameworks ✓ mapped

Tonkean utilizes a proprietary agentic orchestration framework and no-code builder to coordinate planning and tool execution. The primary threat here is insecure tool integration or tool misuse, as the agent connects directly to communication tools (Slack, Teams) and core enterprise systems to automate workflows.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — The hosting environment, network isolation, secrets management for connected core systems, and execution sandboxing are not detailed in the public directory listing.

L5 · Evaluation & Observability ✓ mapped

The platform explicitly highlights 'visibility' and 'process governance' as core features to monitor autonomous agents. However, it is unclear if this includes specialized AI-level evaluation, real-time guardrails, or drift detection beyond standard workflow logging.

L6 · Security & Compliance (cross-cutting) ✓ mapped

Designed for large enterprise shared services (procurement, legal, IT), Tonkean emphasizes 'compliant processes' and governance. This implies integration with enterprise identity providers and access control policies, though specific compliance certifications (e.g., SOC2, ISO) are not explicitly listed.

L7 · Agent Ecosystem ✓ mapped

Tonkean supports an ecosystem where 'autonomous agents can collaborate safely across the tech stack'. This multi-agent orchestration introduces risks of cascading failures, agent-to-agent trust abuse, and unexpected emergent behaviors across integrated enterprise tools.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).