---
title: SafeLLM Leaderboard
emoji: 🛡️
colorFrom: indigo
colorTo: blue
sdk: docker
pinned: true
license: apache-2.0
short_description: Trusted OSS Model Supply Chain Security Rankings
---

# 🏰 SafeLLM Leaderboard

**Comprehensive security rankings for machine learning models**

[![Dataset](https://img.shields.io/badge/🤗-Dataset-yellow)](https://huggingface.co/datasets/javelinai/palisade-scan-results)
[![Powered by Palisade](https://img.shields.io/badge/Powered%20by-Palisade-blue)](https://github.com/highflame-ai/highflame-palisade)

---

## 📊 About

This leaderboard displays security rankings for ML models scanned with **[Palisade](https://github.com/highflame-ai/palisade)**, a security scanner for model artifacts that detects:

- 🎯 **Backdoors & Trojans** - Hidden malicious behaviors
- 🔓 **Pickle RCE** - Arbitrary code execution triggered when a crafted pickle-based checkpoint is deserialized (e.g. via `__reduce__`)
- 💥 **Buffer Overflows** - Memory safety issues
- 🔗 **Supply Chain Attacks** - Compromised dependencies
- 🔐 **Model Integrity** - Tampering detection
- 🎭 **Tokenizer Hijacking** - Malicious tokenizer configurations

## 🎯 Understanding the Scores

### Security Score

**Lower is better.** The score is a weighted sum of findings by severity:

```
Score = (Critical × 100) + (High × 50) + (Medium × 10) + (Low × 2)
```

- **0-49**: ✅ Excellent security
- **50-99**: 🟡 Good security
- **100-199**: 🟠 Moderate concerns
- **200+**: 🔴 Significant issues

Because a single Critical finding scores 100, the same as two High or ten Medium findings, the score alone cannot distinguish one critical issue from several moderate ones; check the risk level below together with the score.

### Risk Levels

| Level | Meaning | Action |
|-------|---------|--------|
| 🟢 **Safe** | No significant issues | Deploy with confidence |
| 🟡 **Low** | Minor issues only | Review and monitor |
| 🟠 **Medium** | Some concerns | Fix before production |
| 🔴 **High** | Serious issues | Use with caution |
| ⛔ **Critical** | Critical vulnerabilities | Do NOT use |

## 📈 Features

- **Interactive Filtering** - By risk level, score, and model size
- **Rich Visualizations** - Charts and graphs powered by Plotly
- **Detailed Analysis** - Threat categories and MITRE ATT&CK mapping
- **SARIF Reports** - Industry-standard security report format
- **Real-time Updates** - Auto-refreshes from the HuggingFace dataset

## 🔍 Data Source

All scan results are stored in the public dataset: **[javelinai/palisade-scan-results](https://huggingface.co/datasets/highflame/palisade-scan-results)**

Models are scanned weekly by automated GitHub Actions workflows.

## 🛠️ Technology Stack

- **Scanner**: [Palisade](https://github.com/highflame-ai/highflame-palisade)
- **Frontend**: Gradio 4.27
- **Visualizations**: Plotly
- **Data**: HuggingFace Datasets
- **Hosting**: HuggingFace Spaces

## 📚 Learn More

- [Palisade Documentation](https://github.com/highflame-ai/highflame-palisade)
- [SARIF Specification](https://docs.oasis-open.org/sarif/sarif/v2.1.0/)
- [MITRE ATLAS (ATT&CK-style knowledge base for ML threats)](https://atlas.mitre.org/)

## 📞 Support

- 💬 [Discord](https://discord.gg/javelin)
- 📧 [Email](mailto:support@highflame.com)
- 🐦 [Twitter](https://twitter.com/getjavelin)

---
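## 🧮 Worked Example: Scoring a SARIF Report

The following is an added example for this README, not code from Palisade or the leaderboard itself. It reproduces the Security Score formula and bands above from a SARIF 2.1.0 document, and shows why a single Critical finding and two High findings land in the same band. The SARIF input is constructed for the example (rule ids `EX001`, `EX002`, `EX999` are illustrative). It assumes severity is carried in each rule's `properties["security-severity"]`, the 0-10 CVSS-style value GitHub code scanning uses, bucketed with GitHub's thresholds; the fallback from the SARIF `level` field is likewise an assumption, and Palisade's actual SARIF fields may differ.

```python
"""Compute the leaderboard's Security Score and band from a SARIF report.

Added example for the SafeLLM Leaderboard README, not Palisade's or the
leaderboard's own code. The SARIF document below is constructed. Severity is
read from each rule's `properties["security-severity"]` (0-10, the value GitHub
code scanning uses) and bucketed with GitHub's thresholds; that Palisade emits
this property is an assumption.
"""
import json
from collections import Counter

# Weights from the README formula: Critical x100, High x50, Medium x10, Low x2.
WEIGHTS = {"critical": 100, "high": 50, "medium": 10, "low": 2}

# Score bands from the README (lower is better); None means open-ended.
BANDS = [(0, 49, "Excellent security"), (50, 99, "Good security"),
         (100, 199, "Moderate concerns"), (200, None, "Significant issues")]


def severity_bucket(security_severity):
    """Map a 0-10 security-severity value to a weight class (GitHub thresholds, assumed)."""
    v = float(security_severity)
    if v >= 9.0:
        return "critical"
    if v >= 7.0:
        return "high"
    if v >= 4.0:
        return "medium"
    return "low"


def level_bucket(level):
    """Fallback when no security-severity exists: SARIF `level` -> class (assumption)."""
    return {"error": "high", "warning": "medium"}.get(level, "low")


def count_findings(sarif):
    """Count SARIF results per severity class across all runs."""
    counts = Counter()
    for run in sarif.get("runs", []):
        rules = {r["id"]: r for r in run.get("tool", {}).get("driver", {}).get("rules", [])}
        for result in run.get("results", []):
            rule = rules.get(result.get("ruleId"), {})
            # A result-level property overrides the rule-level one if present.
            sev = (result.get("properties", {}).get("security-severity")
                   or rule.get("properties", {}).get("security-severity"))
            bucket = severity_bucket(sev) if sev is not None else level_bucket(result.get("level"))
            counts[bucket] += 1
    return {k: counts.get(k, 0) for k in WEIGHTS}


def security_score(counts):
    """Score = sum(weight * count); classes missing from `counts` count as zero."""
    return sum(WEIGHTS[k] * counts.get(k, 0) for k in WEIGHTS)


def score_band(score):
    """Return the README band label for a score; scores are never negative."""
    for low, high, label in BANDS:
        if score >= low and (high is None or score <= high):
            return label
    raise ValueError(f"invalid score: {score}")


def scan_summary(sarif):
    """Counts, score, band, and a separate flag for any Critical finding."""
    counts = count_findings(sarif)
    score = security_score(counts)
    return {"counts": counts, "score": score, "band": score_band(score),
            # One Critical scores 100 ("Moderate concerns"), exactly like two
            # Highs, so gate deployments on this flag, not on the band alone.
            "has_critical": counts["critical"] > 0}


# Constructed SARIF 2.1.0 fragment; rule ids, texts and severities are illustrative.
SAMPLE_SARIF = json.loads("""
{
  "version": "2.1.0",
  "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
      {"id": "EX001", "shortDescription": {"text": "pickle __reduce__ invokes os.system"},
       "properties": {"security-severity": "9.8"}},
      {"id": "EX002", "shortDescription": {"text": "tokenizer config references remote code"},
       "properties": {"security-severity": "5.0"}}
    ]}},
    "results": [
      {"ruleId": "EX001", "level": "error",   "message": {"text": "model.bin"}},
      {"ruleId": "EX002", "level": "warning", "message": {"text": "tokenizer_config.json"}},
      {"ruleId": "EX002", "level": "warning", "message": {"text": "special_tokens_map.json"}},
      {"ruleId": "EX999", "level": "note",    "message": {"text": "unknown rule: falls back to level"}}
    ]
  }]
}
""")

if __name__ == "__main__":
    # Expected: 1 critical, 2 medium, 1 low -> score 122, "Moderate concerns", has_critical True
    print(json.dumps(scan_summary(SAMPLE_SARIF), indent=2))
```

Run it against a real report with `scan_summary(json.load(open("report.sarif")))`. The `has_critical` flag is the practical takeaway: a deployment gate should reject any Critical finding outright rather than relying on the score band, since 24 Low findings (score 48) still rate as "Excellent" while one Critical only reaches "Moderate concerns".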
**Built with ❤️ by [Highflame](https://highflame.com)** [Website](https://highflame.com) • [GitHub](https://github.com/highflame-ai) • [Discord](https://discord.gg/javelin)