Every listing is security-scanned, automatically — before anyone installs it

@ai-supply · 24m ago

AI capabilities run inside real systems with real permissions. An MCP server can read files. A guardrail can intercept model output. A dataset can embed adversarial examples. The risk surface is real — and we scan for all of it.

Every artifact uploaded to ai-supply.store is automatically scanned before it becomes installable. This is non-negotiable, non-bypassable, and free.

What the scanner checks

Nine distinct check layers run in parallel on every upload:

Layer              What it catches
Malware            Known payloads, shellcode, obfuscated scripts
Secrets            Hardcoded API keys, tokens, private keys
Dangerous code     eval() abuse, shell injection, network backdoors
PII                Emails, phone numbers, SSNs in datasets and prompts
License            GPL/AGPL contamination, missing attribution
Dependency CVEs    Vulnerabilities in package.json, requirements.txt, lockfiles
Model format       Pickle exploits, malformed GGUF/safetensors, hidden execution
Prompt injection   Instructions designed to hijack downstream agent behaviour
Egress             Unexpected outbound network call patterns

OWASP-AI on every listing

Beyond the automated layers, every listing is evaluated against the full OWASP AI Security Top 10 (LLM01–LLM10) and the OWASP ML Security Top 10 (ML01–ML10). The results appear as an expandable checklist on the Security tab of every listing page.

Score, grade, level

After scanning, every listing gets:

  • A score from 0 to 100
  • A grade of A, B, C, or D
  • A safety level: SAFE, REVIEW, or QUARANTINE

Critical findings → QUARANTINE. The listing is blocked. The provider must fix and re-submit. There is no override.
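To make the check layers above and the score/grade/level aggregation concrete, here is a small multi-layer scanner written as an added example. It is not ai-supply.store's scanner; the site does not publish its scoring formula, so the severity weights, grade thresholds and the pickle import allowlist are assumptions of this example. It implements three of the nine layers (secrets, dangerous code, model format) over a constructed artifact: a Python file and two pickle blobs. The pickle layer disassembles with pickletools rather than unpickling, so nothing in the artifact is ever executed, and any critical finding maps to QUARANTINE with no override, matching the policy stated above.

```python
import ast
import pickle
import pickletools
import re
from collections import OrderedDict
from dataclasses import dataclass

# Severity weights and grade thresholds are assumptions of this example.
WEIGHTS = {"critical": 100, "high": 25, "medium": 10, "low": 3}

@dataclass(frozen=True)
class Finding:
    layer: str      # check layer that produced it: secrets / dangerous_code / model_format
    severity: str   # critical / high / medium / low
    detail: str

# Layer: secrets. Shape-based patterns; the sample uses the public AWS
# documentation example key, not a live credential.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "pem_private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

def scan_secrets(text: str) -> list[Finding]:
    return [Finding("secrets", "high", f"{name} at offset {m.start()}")
            for name, pat in SECRET_PATTERNS.items() for m in pat.finditer(text)]

# Layer: dangerous code. AST walk for eval/exec and shell sinks; a sink fed a
# non-literal argument is rated higher than one fed a constant.
SINKS = {("builtins", "eval"), ("builtins", "exec"), ("os", "system"), ("subprocess", "Popen")}

def scan_dangerous_code(source: str) -> list[Finding]:
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        if isinstance(func, ast.Name):
            key = ("builtins", func.id)
        elif isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
            key = (func.value.id, func.attr)
        else:
            continue
        if key in SINKS:
            literal_arg = bool(node.args) and isinstance(node.args[0], ast.Constant)
            findings.append(Finding("dangerous_code", "medium" if literal_arg else "high",
                                    f"{key[0]}.{key[1]}() at line {node.lineno}"))
    return findings

# Layer: model format (pickle). Globals a legitimate model file may reference;
# anything else is treated as hidden execution. Allowlist is an assumption.
PICKLE_ALLOWLIST = {("collections", "OrderedDict"), ("torch._utils", "_rebuild_tensor_v2")}

def scan_pickle(blob: bytes) -> list[Finding]:
    """Disassemble only: pickletools.genops never runs the pickle."""
    findings, strings = [], []
    for op, arg, pos in pickletools.genops(blob):
        if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "UNICODE"):
            strings.append(arg)            # operands for a later STACK_GLOBAL
        ref = None
        if op.name == "GLOBAL":            # protocol <= 3: "module name" operand
            ref = tuple(arg.split(" ", 1))
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:   # protocol 4+
            ref = (strings[-2], strings[-1])
        if ref is not None and ref not in PICKLE_ALLOWLIST:
            findings.append(Finding("model_format", "critical",
                                    f"pickle imports {ref[0]}.{ref[1]} at offset {pos}"))
    return findings

# Score, grade, level. Critical -> QUARANTINE regardless of score.
def summarize(findings: list[Finding]) -> dict:
    score = max(0, 100 - sum(WEIGHTS[f.severity] for f in findings))
    grade = "A" if score >= 90 else "B" if score >= 75 else "C" if score >= 60 else "D"
    if any(f.severity == "critical" for f in findings):
        level = "QUARANTINE"
    elif findings:
        level = "REVIEW"
    else:
        level = "SAFE"
    return {"score": score, "grade": grade, "level": level, "findings": findings}

def scan_artifact(files: dict[str, bytes]) -> dict:
    """Route each file in the upload to the layers that apply to it."""
    findings = []
    for name, data in files.items():
        if name.endswith(".py"):
            src = data.decode()
            findings += scan_secrets(src) + scan_dangerous_code(src)
        elif name.endswith((".pkl", ".pickle", ".bin")):
            findings += scan_pickle(data)
    return summarize(findings)

# Constructed sample artifact.
SAMPLE_PY = b'''import os
API_KEY = "AKIAIOSFODNN7EXAMPLE"  # AWS documentation example key, not a live secret
def run(cmd):
    return os.system(cmd)         # shell sink fed caller-controlled data
def load(s):
    return eval(s)                # eval() on untrusted input
'''
CLEAN_PKL = pickle.dumps(OrderedDict(a=1), protocol=4)   # only an allowlisted global
# Constructed bytes: GLOBAL placeholder module "evil_module.run", one string
# argument, REDUCE, STOP. Only disassembled, never loaded.
HOSTILE_PKL = b"\x80\x02cevil_module\nrun\nU\x03cmd\x85R."

if __name__ == "__main__":
    for label, files in [("clean", {"model.pkl": CLEAN_PKL}),
                         ("hostile", {"model.pkl": HOSTILE_PKL}),
                         ("tool", {"tool.py": SAMPLE_PY})]:
        r = scan_artifact(files)
        print(label, r["score"], r["grade"], r["level"], [f.detail for f in r["findings"]])
```

The pickle layer is the part worth copying: it treats every import opcode as a finding unless explicitly allowlisted, which is how picklescan-style tools reason about "hidden execution" without ever calling pickle.load on untrusted bytes.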

Grade A listings appear on the Most secure leaderboard. That leaderboard is updated in real time as new versions are scanned.

Deep scan engines

When configured, the scanner also invokes:

  • Opengrep — AST-level code analysis and taint tracking
  • picklescan — model-format malware detection for pickle-based artifacts
  • Gitleaks — deep secrets scanning across the full artifact tree
  • osv-scanner — CVE lookups against the Open Source Vulnerability database

Every new version upload triggers a fresh scan. Security posture is tracked over time.

Read the full technical breakdown in the nine-layer scanner: a deep dive.
