Cisco released an open-source Model Provenance Kit to generate fingerprints for third-party AI models and help organizations trace lineage, detect tampering, and assess risks. The toolkit compares model fingerprints and scans against Cisco’s database to mitigate security, compliance, and supply-chain issues associated with models from repositories like HuggingFace. #ModelProvenanceKit #HuggingFace
Keypoints
- Cisco released Model Provenance Kit, an open-source Python toolkit and CLI to generate fingerprints for AI models.
- Many third-party models from repositories like HuggingFace lack tracked changes and verified metadata, creating provenance gaps.
- Unverified developer claims and inherited vulnerabilities can lead to poisoned, biased, or manipulable models that affect downstream applications.
- The kit fingerprints models using metadata signals, tokenizer similarity, and weight-level identity signals, and offers two modes: compare (one model's fingerprint against another's) and scan (a model's fingerprint against Cisco's dataset of base model fingerprints).
- The tool and Cisco’s dataset of base model fingerprints are publicly available on GitHub and Hugging Face to support evidence-based provenance.
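The keypoints above describe three signal classes (metadata, tokenizer similarity, weight-level identity) and two operating modes (compare and scan). The example below is an added illustration of that general idea, written for this page; it is not code from Cisco's Model Provenance Kit, and the page does not describe the kit's actual algorithms or API. It assumes a weight-level identity signal can be approximated by per-tensor SHA-256 digests over name, shape, dtype and raw bytes, that tokenizer similarity can be approximated by Jaccard similarity of vocabularies, and it builds its toy "models" inline from constructed sample values rather than real model files.

```python
import hashlib
import json
import struct

# Constructed sample models: tensor name -> (shape, float32 values). These are
# toy inputs built inline for the example, not real checkpoint contents.
SAMPLE_BASE = {
    "embed.weight": ((2, 2), [0.1, 0.2, 0.3, 0.4]),
    "layer0.attn.weight": ((2, 2), [1.0, 0.0, 0.0, 1.0]),
    "lm_head.weight": ((2, 2), [0.5, 0.5, 0.5, 0.5]),
}
# A fine-tune of SAMPLE_BASE: lm_head retrained, a LoRA tensor added.
SAMPLE_DERIVED = {
    "embed.weight": ((2, 2), [0.1, 0.2, 0.3, 0.4]),
    "layer0.attn.weight": ((2, 2), [1.0, 0.0, 0.0, 1.0]),
    "lm_head.weight": ((2, 2), [0.6, 0.5, 0.5, 0.5]),
    "lora.A": ((1, 2), [0.01, 0.02]),
}
# An unrelated model that happens to reuse tensor names.
SAMPLE_UNRELATED = {
    "embed.weight": ((2, 2), [9.0, 8.0, 7.0, 6.0]),
    "layer0.attn.weight": ((2, 2), [0.5, 0.5, 0.5, 0.5]),
}
# Constructed tokenizer vocabularies (token strings only).
BASE_VOCAB = ["<s>", "</s>", "the", "secure", "model"]
DERIVED_VOCAB = BASE_VOCAB + ["<chat>"]


def tensor_digest(name, shape, values):
    """SHA-256 over tensor name, shape, dtype tag and little-endian float32 bytes."""
    h = hashlib.sha256()
    h.update(name.encode())
    h.update(json.dumps(list(shape)).encode())
    h.update(b"float32")
    h.update(struct.pack(f"<{len(values)}f", *values))
    return h.hexdigest()


def weight_fingerprint(tensors):
    """Per-tensor digests plus an aggregate digest over the sorted per-tensor digests.

    Sorting makes the aggregate independent of the order tensors appear in a file,
    so two serializations of the same weights fingerprint identically.
    """
    per_tensor = {n: tensor_digest(n, shape, vals) for n, (shape, vals) in tensors.items()}
    aggregate = hashlib.sha256("\n".join(sorted(per_tensor.values())).encode()).hexdigest()
    return {"tensors": per_tensor, "aggregate": aggregate}


def tokenizer_similarity(vocab_a, vocab_b):
    """Jaccard similarity of two vocabularies (assumed proxy for tokenizer lineage)."""
    a, b = set(vocab_a), set(vocab_b)
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)


def compare(fp_a, fp_b):
    """Compare mode: classify tensors as identical, changed, or present in only one model."""
    ta, tb = fp_a["tensors"], fp_b["tensors"]
    shared = set(ta) & set(tb)
    identical = sorted(n for n in shared if ta[n] == tb[n])
    changed = sorted(n for n in shared if ta[n] != tb[n])
    return {
        "identical": identical,
        "changed": changed,
        "only_in_a": sorted(set(ta) - set(tb)),
        "only_in_b": sorted(set(tb) - set(ta)),
        # Fraction of shared tensors that are bit-identical: a simple lineage score.
        "identical_fraction": len(identical) / len(shared) if shared else 0.0,
    }


def scan(fp, known_bases):
    """Scan mode: rank known base fingerprints by how many tensors they share bit-for-bit."""
    ranked = [(name, compare(fp, base_fp)["identical_fraction"]) for name, base_fp in known_bases.items()]
    ranked.sort(key=lambda r: -r[1])
    return ranked


if __name__ == "__main__":
    base_fp = weight_fingerprint(SAMPLE_BASE)
    derived_fp = weight_fingerprint(SAMPLE_DERIVED)
    print(compare(base_fp, derived_fp))
    print(scan(derived_fp, {"base": base_fp, "unrelated": weight_fingerprint(SAMPLE_UNRELATED)}))
    print(tokenizer_similarity(BASE_VOCAB, DERIVED_VOCAB))
```

In this toy setting the derived model keeps the embedding and attention tensors of the base bit-for-bit while only the head differs, so scan ranks the base first; a real toolkit must additionally cope with dtype conversion, quantization and resharding, which break exact byte equality and are one reason a production fingerprint combines several signal classes rather than relying on raw hashes alone.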
Read More: https://www.securityweek.com/cisco-releases-open-source-tool-for-ai-model-provenance/