README.md

---
title: SafeLLM Leaderboard
emoji: 🛡️
colorFrom: indigo
colorTo: blue
sdk: docker
pinned: true
license: apache-2.0
short_description: Trusted OSS Model Supply Chain Security Rankings
---

# 🏰 SafeLLM Leaderboard

**Comprehensive security rankings for machine learning models**

[![Dataset](https://img.shields.io/badge/🤗-Dataset-yellow)](https://huggingface.co/datasets/javelinai/palisade-scan-results)
[![Powered by Palisade](https://img.shields.io/badge/Powered%20by-Palisade-blue)](https://github.com/highflame-ai/highflame-palisade)

---

## 📊 About

This leaderboard displays security rankings for ML models scanned with **[Palisade](https://github.com/highflame-ai/palisade)**, 
a comprehensive security scanner that detects:

- 🎯 **Backdoors & Trojans** - Hidden malicious behaviors
- 🔓 **Pickle RCE** - Remote code execution vulnerabilities  
- 💥 **Buffer Overflows** - Memory safety issues
- 🔗 **Supply Chain Attacks** - Compromised dependencies
- 🔐 **Model Integrity** - Tampering detection
- 🎭 **Tokenizer Hijacking** - Malicious configurations

## 🎯 Understanding the Scores

### Security Score
**Lower is better!** Calculated as:
```
Score = (Critical × 100) + (High × 50) + (Medium × 10) + (Low × 2)
```

- **0-49**: ✅ Excellent security
- **50-99**: 🟡 Good security
- **100-199**: 🟠 Moderate concerns
- **200+**: 🔴 Significant issues

### Risk Levels

| Level | Meaning | Action |
|-------|---------|--------|
| 🟢 **Safe** | No significant issues | Deploy with confidence |
| 🟡 **Low** | Minor issues only | Review and monitor |
| 🟠 **Medium** | Some concerns | Fix before production |
| 🔴 **High** | Serious issues | Use with caution |
| ⛔ **Critical** | Critical vulnerabilities | Do NOT use |

## 📈 Features

- **Interactive Filtering** - By risk level, score, and size
- **Rich Visualizations** - Charts and graphs powered by Plotly
- **Detailed Analysis** - Threat categories and MITRE ATT&CK mapping
- **SARIF Reports** - Industry-standard security reports
- **Real-time Updates** - Auto-refreshes from HuggingFace dataset

## 🔍 Data Source

All scan results are stored in the public dataset:
**[javelinai/palisade-scan-results](https://huggingface.co/datasets/highflame/palisade-scan-results)**

Models are scanned weekly with automated GitHub Actions.

## 🛠️ Technology Stack

- **Scanner**: [Palisade](https://github.com/highflame-ai/highflame-palisade)
- **Frontend**: Gradio 4.27
- **Visualizations**: Plotly
- **Data**: HuggingFace Datasets
- **Hosting**: HuggingFace Spaces

## 📚 Learn More

- [Palisade Documentation](https://github.com/highflame-ai/highflame-palisade)
- [SARIF Specification](https://docs.oasis-open.org/sarif/sarif/v2.1.0/)
- [MITRE ATT&CK for ML](https://atlas.mitre.org/)

## 📞 Support

- 💬 [Discord](https://discord.gg/javelin)
- 📧 [Email](mailto:support@highflame.com)
- 🐦 [Twitter](https://twitter.com/getjavelin)

---

<div align="center">

**Built with ❤️ by [Highflame](https://highflame.com)**

[Website](https://highflame.com) • 
[GitHub](https://github.com/highflame-ai) • 
[Discord](https://discord.gg/javelin)

</div>