T13 · Infrastructure & human domain
AI Supply Chain & Artifact Trust
Compromise model supply chain
Techniques: 15
Avg risk: 233
Max risk: 260
Domain: Infrastructure & human
ID          Technique                      Procedures  Risk  Severity
T13-AT-010  Hardware Supply Chain          10 proc     260   CRITICAL
T13-AT-001  Model Repository Poisoning     10 proc     255   CRITICAL
T13-AT-006  Checkpoint Poisoning           10 proc     250   CRITICAL
T13-AT-002  Dataset Contamination          10 proc     245   HIGH
T13-AT-003  Pipeline Injection Attacks     10 proc     240   HIGH
T13-AT-014  Development Tool Compromise    10 proc     240   HIGH
T13-AT-004  Dependency Confusion           10 proc     235   HIGH
T13-AT-013  Container Registry Poisoning   10 proc     235   HIGH
T13-AT-009  Cloud Training Attacks         10 proc     230   HIGH
T13-AT-007  Transfer Learning Attacks      10 proc     225   HIGH
T13-AT-012  Artifact Signature Attacks     10 proc     225   HIGH
T13-AT-008  Model Conversion Exploits      10 proc     220   HIGH
T13-AT-011  Model Marketplace Attacks      10 proc     215   HIGH
T13-AT-005  Model Card Manipulation        10 proc     210   HIGH
T13-AT-015  Model Obfuscation Attacks      10 proc     205   HIGH