Skip to content

Hide Navigation Hide TOC

AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38)

Modern AI systems increasingly rely on external tools and plugin interfaces (e.g., Model Context Protocol, LangChain, OpenAI plugins) to expand their capabilities. These interfaces pose unique security risks if not tightly controlled.

Runtime Abuse: If tool or plugin inputs are not strictly validated, LLMs may: * Trigger unauthorized tool executions. * Bypass guardrails using structured payloads embedded in plugin responses. * Chain outputs across tools in unsafe ways (e.g., generating code that another tool executes).

Supply Chain Risks: Third-party plugins and dependencies may contain vulnerabilities or backdoors. Attackers can: * Compromise plugin registries or repositories. * Compromise dependencies such as AI agent containers or monitoring components to inject malicious code, potentially infecting production systems, disrupting the AI deployment environment, and undermining the integrity of system monitoring. * Tamper with pre-trained models or updates during distribution.

These risks are magnified in open ecosystems where tools are crowd-sourced or rapidly integrated without full vetting.

Threat-modeling question: Could third-party tools, plugins, or dependencies introduce vulnerabilities in our AI system?

Cluster A Galaxy A Cluster B Galaxy B Level
ML Supply Chain Compromise (d2cf31e0-a550-4fe0-8fdb-8941b3ac00d9) MITRE ATLAS Attack Pattern AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38) PLOT4ai 1
Unsafe ML Artifacts (be6ef5c5-1ecb-486d-9743-42085bd2c256) MITRE ATLAS Attack Pattern AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38) PLOT4ai 1
AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) MITRE ATLAS Course of Action AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38) PLOT4ai 1
User Execution (8c849dd4-5d15-45aa-b5b2-59c96a3ab939) MITRE ATLAS Attack Pattern Unsafe ML Artifacts (be6ef5c5-1ecb-486d-9743-42085bd2c256) MITRE ATLAS Attack Pattern 2
Poison Training Data (0ec538ca-589b-4e42-bcaa-06097a0d679f) MITRE ATLAS Attack Pattern AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) MITRE ATLAS Course of Action 2
Publish Poisoned Models (e3b9d41a-d2f9-4825-942f-1c4a30b4d2f9) MITRE ATLAS Attack Pattern AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) MITRE ATLAS Course of Action 2
AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) MITRE ATLAS Course of Action Unsafe ML Artifacts (be6ef5c5-1ecb-486d-9743-42085bd2c256) MITRE ATLAS Attack Pattern 2
AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) MITRE ATLAS Course of Action Publish Poisoned Datasets (f4fc2abd-71a4-401a-a742-18fc5aeb4bc3) MITRE ATLAS Attack Pattern 2