Trusted LLMs: OSS Model Supply Chain Security Leaderboard

Comprehensive security validation for ML model artifacts

15+ Validators

Pickle RCE, backdoor detection, buffer overflow, tokenizer hijacking, and more

Model Signing

Cryptographic signatures with Sigstore/Cosign for artifact integrity verification

SLSA Provenance

Supply chain attestations following SLSA framework for build verification

SafeTensors & GGUF

Native validation for modern safe formats with integrity checks

Backdoor Detection

Statistical analysis for weight anomalies, baseline drift, and trojan patterns

Behavioral Analysis

Inference-time monitoring for prompt injection and tool call manipulation

MITRE ATLAS Mapping

Findings mapped to ML attack taxonomy for threat intelligence

Policy Enforcement

Configurable allow/deny/quarantine policies for CI/CD integration

Loading models...

Score Calculation

Security Score Formula

Score = (Critical × 100) + (High × 50) + (Medium × 10) + (Low × 2) + (Info × 1)

Lower scores are better. A score of 0 means no security issues were found.

Critical× 100 points

High× 50 points

Medium× 10 points

Low× 2 points

Info× 1 points

Example Calculations

1 critical finding= 100 points

2 high + 5 medium= 150 points

10 medium findings= 100 points

No findings= 0 points ✓

Risk Level Classification

Risk level is determined by the severity distribution of findings, not just the total score.

SafeNo significant findings

LowOnly low-severity issues

Medium1+ high OR 5+ medium findings

High3+ high severity findings

Critical1+ critical severity finding

Classification Logic

if critical ≥ 1 → Critical

elif high ≥ 3 → High

elif high ≥ 1 OR medium ≥ 5 → Medium

elif medium ≥ 1 OR low ≥ 5 → Low

else → Safe

Trusted LLMs

Use it to:

Powered by Palisade