LLM03

Supply Chain

Compromised third-party models, datasets, or plugins introduce vulnerabilities, backdoors, or malicious behavior into LLM deployments.

1 write-ups1 labs1 demos1 tools
LLM03intermediatehigh
Anatomy of a Poisoned HuggingFace Model
What makes a supply chain attack on an ML model dangerous, and what to look for when auditing third-party models.
supply-chainmodel-poisoninghuggingfaceprovenance