Cisco Releases Open Source Tool for AI Model Provenance
Summary
Organizations often use AI models from online repositories like Hugging Face without tracking their changes, verifications, or vulnerabilities, which can lead to security risks if models are poisoned (containing hidden malicious code) or contain training biases. Cisco released the Model Provenance Kit, an open source Python-based tool that creates a unique 'fingerprint' for each model using metadata and other signals, allowing organizations to compare models and trace their origins to address these tracking and accountability problems.
Solution / Mitigation
The Model Provenance Kit from Cisco is available on GitHub. The tool has two modes: 'compare' mode enables users to compare two models to identify shared lineage, and 'scan' mode attempts to find the closest lineage for a given model by comparing its fingerprint against Cisco's database of fingerprints. Cisco's dataset of base model fingerprints is also available on Hugging Face.
Original source: https://www.securityweek.com/cisco-releases-open-source-tool-for-ai-model-provenance/
First tracked: May 1, 2026 at 08:00 AM