# LLM Supply Chain Vulnerabilities

- ID: python-llm-supply-chain
- Severity: HIGH
- CWE: Inclusion of Untrusted Functionality (CWE-829)
- Languages: Python
- Frameworks: django, flask, fastapi, python

## Description

Detects potential supply chain vulnerabilities in AI/LLM implementations (OWASP LLM05 - Supply Chain Vulnerabilities).

Supply chain attacks in AI can occur through:

- Loading models from untrusted sources
- Using pickle for model serialization (RCE risk)
- `trust_remote_code=True` in HuggingFace
- Compromised training data sources
- Third-party plugins without verification

## Detection Message

Potential supply chain vulnerability: {issue_type}

## Remediation

Use `weights_only=True` with `torch.load()` or the SafeTensors format.

```python
import torch

# Safe: weights_only restricts unpickling to tensors and primitive types,
# preventing arbitrary code execution from a malicious checkpoint
model = torch.load('model.pt', weights_only=True)

# Even safer: use the SafeTensors format, which stores only tensor data.
# load_model expects an already-constructed nn.Module instance to fill in.
from safetensors.torch import load_model
load_model(model, 'model.safetensors')
```

Learn more: https://shoulder.dev/learn/python/cwe-829/llm-supply-chain

## Related Rules

- **LLM Supply Chain Vulnerabilities** [HIGH]
- **Container Using Latest Tag** [MEDIUM]
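As an added illustration of the detection side of this rule (not the rule's own implementation), the following AST-based check flags the three code-level patterns named in the Description: `torch.load()` without `weights_only=True`, `pickle.load`/`pickle.loads` on model data, and `from_pretrained(..., trust_remote_code=True)`. It assumes the calls use their fully qualified module names (aliased imports such as `from torch import load` are not resolved), and the sample source it scans is constructed for this example.

```python
import ast

# Constructed sample source exercising each pattern the rule describes.
SAMPLE = '''
import torch, pickle
from transformers import AutoModel
m1 = torch.load("model.pt")
m2 = torch.load("model.pt", weights_only=True)
m3 = pickle.load(open("model.pkl", "rb"))
m4 = AutoModel.from_pretrained("org/model", trust_remote_code=True)
m5 = AutoModel.from_pretrained("org/model")
'''


def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _kw_is_true(call, name):
    """True when the call passes the keyword `name` as the literal True."""
    return any(
        k.arg == name and isinstance(k.value, ast.Constant) and k.value.value is True
        for k in call.keywords
    )


def find_supply_chain_issues(source):
    """Return sorted (line, issue_type) pairs for the rule's risky call patterns."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted(node.func) or ""
        if name == "torch.load" and not _kw_is_true(node, "weights_only"):
            findings.append((node.lineno, "torch.load without weights_only=True"))
        elif name in ("pickle.load", "pickle.loads"):
            findings.append((node.lineno, "pickle deserialization of model data"))
        elif name.endswith(".from_pretrained") and _kw_is_true(node, "trust_remote_code"):
            findings.append((node.lineno, "trust_remote_code=True"))
    return sorted(findings)
```

The first check flags calls that rely on the default value of `weights_only`; since PyTorch 2.6 that default is `True`, so tune the rule to the torch version your project pins.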