T13-AT-005

Model Card Manipulation

Tactic: T13 · AI Supply Chain & Artifact Trust
Risk score: 210
Rating: High
Procedures: 10
Severity: HIGH

Mechanism

Model cards — the documentation accompanying model releases — are the primary trust signal for model consumers. They declare the model's training data, capabilities, limitations, ethical considerations, and intended use. Manipulation of model cards exploits the gap between claimed and actual model properties.

Detection
  • Independent benchmark verification: re-run claimed evaluations before trusting model card scores
  • Provenance verification services: cross-reference training data claims with known datasets
  • Automated model card consistency checking: compare claims against measurable model properties
  • Community reporting mechanisms: enable users to flag suspicious model card claims
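One way to implement the consistency check described in the third bullet, as an added example that is not part of this technique entry: the script parses the claims in a model card's front matter and compares them with properties an independent verifier has measured from the artifact itself (parameter count from the checkpoint, re-run benchmark scores, dataset identifiers read from the shipped training config). The model card, the measured values, the field names and the tolerances are all constructed for the example and are not a standard schema.

```python
"""Model card consistency check (added example, not from the original entry).

Declared claims are compared against independently measured properties; any
claim that cannot be measured is reported as unverifiable rather than trusted.
All inputs and field names below are constructed assumptions."""
import re
from dataclasses import dataclass

# Constructed model card: YAML-style front matter followed by prose.
MODEL_CARD = """---
model_name: example-chat-7b
license: apache-2.0
parameters: 7000000000
datasets:
  - example-web-corpus-v2
  - example-instruct-set
eval_mmlu: 0.71
eval_truthfulqa: 0.58
---
# Example Chat 7B
Trained only on permissively licensed public data.
"""

# Constructed "measured" values, as a verifier would obtain them by counting
# tensors in the checkpoint, re-running the evaluations and reading dataset
# identifiers out of the training config that ships with the weights.
MEASURED = {
    "parameters": 6_740_000_000,
    "datasets": {"example-web-corpus-v2", "example-instruct-set",
                 "example-scraped-forums"},
    "eval_mmlu": 0.63,
    "eval_truthfulqa": 0.57,
}

# Relative tolerance per numeric field (assumed values).
NUMERIC_TOLERANCE = {"parameters": 0.05, "eval_mmlu": 0.02, "eval_truthfulqa": 0.02}
REQUIRED_FIELDS = ("license", "parameters", "datasets")


def _coerce(value: str):
    """Turn a front-matter scalar into int, float or str."""
    for cast in (int, float):
        try:
            return cast(value)
        except ValueError:
            pass
    return value


def parse_front_matter(card: str) -> dict:
    """Minimal parser for the '---' delimited block: scalars and '  - ' lists only."""
    m = re.match(r"^---\n(.*?)\n---", card, re.S)
    if not m:
        raise ValueError("model card has no front matter block")
    claims, current_list = {}, None
    for line in m.group(1).splitlines():
        if not line.strip():
            continue
        if line.startswith("  - ") and current_list is not None:
            claims[current_list].add(line[4:].strip())
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if value == "":                 # 'key:' with no value starts a list
            claims[key], current_list = set(), key
        else:
            claims[key], current_list = _coerce(value), None
    return claims


@dataclass
class Finding:
    field: str
    claimed: object
    measured: object
    status: str  # "ok" | "mismatch" | "undeclared" | "unverifiable"


def check_model_card(claims: dict, measured: dict) -> list:
    """Compare declared claims with measured properties and return findings."""
    findings = []
    for field in REQUIRED_FIELDS:
        if field not in claims:
            findings.append(Finding(field, None, measured.get(field), "undeclared"))
    for field, tol in NUMERIC_TOLERANCE.items():
        if field not in claims:
            continue
        if field not in measured:
            findings.append(Finding(field, claims[field], None, "unverifiable"))
            continue
        claimed, actual = float(claims[field]), float(measured[field])
        within = abs(claimed - actual) <= tol * max(abs(claimed), 1e-9)
        findings.append(Finding(field, claims[field], measured[field],
                                "ok" if within else "mismatch"))
    if "datasets" in claims and "datasets" in measured:
        # Any dataset used in training but absent from the card is a mismatch.
        undeclared = set(measured["datasets"]) - set(claims["datasets"])
        findings.append(Finding("datasets", sorted(claims["datasets"]),
                                sorted(measured["datasets"]),
                                "mismatch" if undeclared else "ok"))
    return findings


def failing_fields(findings: list) -> list:
    """Names of every field whose status is anything other than 'ok'."""
    return [f.field for f in findings if f.status != "ok"]


if __name__ == "__main__":
    for f in check_model_card(parse_front_matter(MODEL_CARD), MEASURED):
        print(f"{f.status:13}{f.field}: claimed={f.claimed} measured={f.measured}")
```

Run against the constructed inputs, the parameter count and TruthfulQA score fall inside tolerance, while the MMLU claim and the dataset list do not: the card omits a dataset that the training config shows was used. A verifier would treat the mismatches, not the passing fields, as the reason to withhold deployment until the publisher explains them.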
Mitigation
  • Independent safety evaluation before deployment (HIGH)
  • Verified publisher programs on model registries (MEDIUM)
  • Automated model card verification tools (LOW)
  • Community audit and reporting systems (MEDIUM)
Chaining

Model card manipulation is a supporting technique for T13-AT-001 (Model Repository Poisoning) — providing the trust facade for malicious models. It chains to T6-AT-009 (Evaluation Set Contamination) when falsified benchmark scores mask safety failures.
