Abstract
The rapid adoption of agentic AI systems in enterprise environments has introduced unprecedented complexity and novel security risks, particularly as protocols like the Model Context Protocol (MCP) and Agent-to-Agent (A2A) become foundational for tool integration and agent collaboration. Traditional threat modeling frameworks, such as STRIDE and PASTA, fall short in capturing the layered, dynamic, and cross-protocol vulnerabilities unique to these systems. To address this gap, this thesis presents a comprehensive, workflow-centric risk assessment framework that extends the MAESTRO threat modeling methodology with quantitative metrics. By systematically mapping detected vulnerabilities in MCP and A2Aenabled workflows to the seven layers of MAESTRO, the framework introduces two novel metrics: the Workflow Exploitability Index (WEI) and the Risk Propagation Score (RPS). These metrics quantify both the ease of exploitation and the potential for cascading risk across complex agentic workflows. The framework is validated using adapted real-world and synthetic workflows, demonstrating its ability to prioritize high-risk scenarios that traditional tools overlook. This work establishes a foundation for protocol-aware, quantitative security assessment in agentic AI, enabling organizations to proactively identify, prioritize, and mitigate emerging threats.