
AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38)

Modern AI systems increasingly rely on external tools and plugin interfaces (e.g., Model Context Protocol, LangChain, OpenAI plugins) to expand their capabilities. These interfaces pose unique security risks if not tightly controlled.

Runtime Abuse: If tool or plugin inputs are not strictly validated, LLMs may:
* Trigger unauthorized tool executions.
* Bypass guardrails using structured payloads embedded in plugin responses.
* Chain outputs across tools in unsafe ways (e.g., generating code that another tool executes).

Supply Chain Risks: Third-party plugins and dependencies may contain vulnerabilities or backdoors. Attackers can:
* Compromise plugin registries or repositories.
* Compromise dependencies such as AI agent containers or monitoring components to inject malicious code, potentially infecting production systems, disrupting the AI deployment environment, and undermining the integrity of system monitoring.
* Tamper with pre-trained models or updates during distribution.

These risks are magnified in open ecosystems where tools are crowd-sourced or rapidly integrated without full vetting.
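The two risk groups above map onto three controls a tool gateway can enforce: an allow-list of tools with schema-checked arguments (runtime abuse), treating structured payloads in plugin responses as data rather than as new tool calls (guardrail bypass and unsafe chaining), and refusing to load any plugin artifact whose hash is not pinned in a bill of materials (supply chain tampering). The gateway below is an added example written for this entry; it is not code from PLOT4ai, MISP, or any of the plugin frameworks named above. The tool names, schemas, plugin bytes and pinned hashes are all constructed for the example.

```python
"""Tool-call gateway between an LLM agent and its tools (added example).

Controls demonstrated:
  1. only allow-listed tools with schema-checked arguments may execute,
  2. structured payloads inside plugin responses are treated as data and are
     never promoted into tool calls,
  3. plugin artifacts are verified against pinned hashes (an AI BOM) before load.
Every tool name, schema, plugin source and hash below is constructed.
"""
from __future__ import annotations

import hashlib
import hmac
import posixpath

# 1. Allow-list of tools and the argument rules each accepts (constructed).
TOOL_SCHEMAS: dict[str, dict[str, dict]] = {
    "web_search": {"query": {"type": str, "max_len": 256}},
    "read_file": {"path": {"type": str, "max_len": 128, "prefix": "/data/"}},
}


def validate_tool_call(call: dict) -> tuple[bool, str]:
    """Return (ok, reason). Unknown tools and unknown, missing or malformed
    arguments are refused; the call never reaches a tool implementation."""
    tool = call.get("tool")
    if tool not in TOOL_SCHEMAS:
        return False, f"tool not allow-listed: {tool!r}"
    args = call.get("args")
    if not isinstance(args, dict):
        return False, "args must be an object"
    schema = TOOL_SCHEMAS[tool]
    unknown = set(args) - set(schema)
    if unknown:
        return False, f"unexpected arguments: {sorted(unknown)}"
    for name, rule in schema.items():
        if name not in args:
            return False, f"missing argument: {name}"
        value = args[name]
        if not isinstance(value, rule["type"]):
            return False, f"{name}: wrong type"
        if "max_len" in rule and len(value) > rule["max_len"]:
            return False, f"{name}: too long"
        if "prefix" in rule:
            # Normalise first so '..' segments cannot escape the permitted tree.
            if not posixpath.normpath(value).startswith(rule["prefix"]):
                return False, f"{name}: outside permitted prefix"
    return True, "ok"


# 2. Plugin output is data. Only the declared result field reaches the model;
#    control-like fields are dropped and reported for logging, never executed.
CONTROL_KEYS = {"tool_call", "tool_calls", "instructions", "system"}


def sanitize_plugin_response(response: dict) -> tuple[str, list[str]]:
    """Return (text_for_the_model, quarantined_keys)."""
    quarantined = sorted(k for k in response if k in CONTROL_KEYS)
    return str(response.get("result", "")), quarantined


# 3. Constructed AI BOM: the plugin source an operator reviewed, pinned by hash.
REVIEWED_PLUGIN_SOURCE = b"def web_search(query):\n    return fetch(query)\n"
AI_BOM = {"web_search": hashlib.sha256(REVIEWED_PLUGIN_SOURCE).hexdigest()}


def verify_plugin_artifact(name: str, artifact: bytes) -> bool:
    """True only if the artifact hashes to the value pinned for that plugin.
    Plugins absent from the BOM are refused outright."""
    pinned = AI_BOM.get(name)
    if pinned is None:
        return False
    digest = hashlib.sha256(artifact).hexdigest()
    return hmac.compare_digest(digest, pinned)


if __name__ == "__main__":
    # Constructed agent request and plugin response to exercise the gateway.
    print(validate_tool_call({"tool": "read_file", "args": {"path": "/data/../etc/passwd"}}))
    print(sanitize_plugin_response({"result": "3 hits", "tool_call": {"tool": "read_file"}}))
    print(verify_plugin_artifact("web_search", REVIEWED_PLUGIN_SOURCE + b"# tampered\n"))
```

The quarantined keys from `sanitize_plugin_response` are the signal worth alerting on: a plugin that repeatedly returns `tool_call` or `instructions` fields is either misbehaving or compromised, and the BOM check gives a second, independent indicator when a registry-served artifact no longer matches what was reviewed.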

Threat-modeling question: Could third-party tools, plugins, or dependencies introduce vulnerabilities in our AI system?

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38) | PLOT4ai | ML Supply Chain Compromise (d2cf31e0-a550-4fe0-8fdb-8941b3ac00d9) | MITRE ATLAS Attack Pattern | 1 |
| AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38) | PLOT4ai | Unsafe ML Artifacts (be6ef5c5-1ecb-486d-9743-42085bd2c256) | MITRE ATLAS Attack Pattern | 1 |
| AI Supply Chain Tools (8134b398-4da9-55a0-a553-27e03389ce38) | PLOT4ai | AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) | MITRE ATLAS Course of Action | 1 |
| User Execution (8c849dd4-5d15-45aa-b5b2-59c96a3ab939) | MITRE ATLAS Attack Pattern | Unsafe ML Artifacts (be6ef5c5-1ecb-486d-9743-42085bd2c256) | MITRE ATLAS Attack Pattern | 2 |
| Publish Poisoned Datasets (f4fc2abd-71a4-401a-a742-18fc5aeb4bc3) | MITRE ATLAS Attack Pattern | AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) | MITRE ATLAS Course of Action | 2 |
| Poison Training Data (0ec538ca-589b-4e42-bcaa-06097a0d679f) | MITRE ATLAS Attack Pattern | AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) | MITRE ATLAS Course of Action | 2 |
| Publish Poisoned Models (e3b9d41a-d2f9-4825-942f-1c4a30b4d2f9) | MITRE ATLAS Attack Pattern | AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) | MITRE ATLAS Course of Action | 2 |
| Unsafe ML Artifacts (be6ef5c5-1ecb-486d-9743-42085bd2c256) | MITRE ATLAS Attack Pattern | AI Bill of Materials (1f63b56d-034f-477d-ab49-399c1aa1a22a) | MITRE ATLAS Course of Action | 2 |