
yahoo-finance2 — agentic threat model

AIVSS 5.2 · Medium

This agent acts as a development assistant and code guide for the yahoo-finance2 library, presenting low direct operational risk but introducing downstream risks if it generates insecure financial data-fetching code or misconfigured MCP server setups.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 4.3 · AARS uplift 0.91 · Factor sum 1.6/10 · Threat ×1.0 · Mitigation ×1.0

Agentic risk factors:
Autonomy of Action: 0.10
Goal-Driven Planning: 0.20
Self-Modification: 0.00
Dynamic Tool Use: 0.20
Persistent Memory: 0.10
Contextual Awareness: 0.40
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.10
Non-Determinism: 0.30
Opacity & Reflexivity: 0.20

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models (⚠ not certain from listing)

Not certain from the listing — The underlying foundation model is not specified. It is vulnerable to standard LLM risks such as prompt injection or generating hallucinated/outdated library APIs that could break financial data pipelines.

L2 · Data Operations (✓ mapped)

The agent relies on knowledge of the yahoo-finance2 library, validation schemas, and cached fixtures. Gaps in data provenance or poisoned documentation could lead the agent to recommend insecure data validation practices.

L3 · Agent Frameworks (✓ mapped)

The agent guides users on using the library's CLI and Model Context Protocol (MCP) server. Insecure integration patterns or flawed tool-calling configurations recommended by the agent could expose local environments to command injection.

L4 · Deployment & Infrastructure (⚠ not certain from listing)

Not certain from the listing: the hosting environment of the agent is unspecified. If it is deployed without sandboxing, running the CLI commands or MCP servers it recommends could lead to local host compromise or unauthorized network egress.

L5 · Evaluation & Observability (⚠ not certain from listing)

Not certain from the listing: no observability, logging, or guardrail mechanisms are mentioned that would detect whether the agent is outputting malicious code or insecure configuration schemas.

L6 · Security & Compliance (cross-cutting) (⚠ not certain from listing)

Not certain from the listing — No compliance frameworks, access controls, or identity management policies are defined for this open-source developer skill.

L7 · Agent Ecosystem (✓ mapped)

The agent supports MCP (Model Context Protocol), which facilitates multi-agent and tool-to-agent ecosystems. A compromised MCP server configuration could allow cascading failures or unauthorized data access across connected agent networks.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).