# dependencies
11 articles tagged with “dependencies”
Agent Supply Chain Attacks
Compromising AI agents through poisoned packages, backdoored MCP servers, malicious model registries, and weaponized agent frameworks -- including the Postmark MCP breach and NullBulge campaigns.
July 2026: Supply Chain Audit Challenge
Audit an ML project's entire supply chain for security issues including dependencies, model provenance, data pipelines, training infrastructure, and deployment artifacts.
AI Supply Chain Security Overview
Comprehensive overview of the AI/ML supply chain attack surface, covering model poisoning, data poisoning, dependency attacks, and risk assessment frameworks aligned with OWASP LLM03:2025.
Dependency Scanning for AI/ML
Defense-focused guide to scanning AI/ML dependencies for vulnerabilities, covering AI-specific dependency risks, malicious package detection, automated scanning pipelines, and policy enforcement for ML toolchains.
Deep Supply Chain Analysis
Comprehensive analysis of the AI supply chain dependency tree covering model weights, tokenizers, datasets, libraries, and infrastructure components with audit methodology.
ML Pipeline Supply Chain Security
Securing the ML pipeline supply chain from training framework dependencies to serving infrastructure components.
Supply Chain Security for ML Dependencies
Securing the ML dependency supply chain including PyTorch, transformers, and model weight downloads.
CTF: Supply Chain Attack
Find and exploit vulnerabilities in an ML supply chain including compromised dependencies, poisoned models, backdoored training data, and malicious model files. Practice ML-specific supply chain security assessment.
Lab: Supply Chain Audit
Audit an ML project's dependencies for vulnerabilities, covering model files, Python packages, container images, and training data provenance.
Lab: ML Supply Chain Scan
Hands-on lab for auditing machine learning model dependencies, detecting malicious packages in ML pipelines, and scanning model files for backdoors and supply chain threats.
Supply Chain Prompt Injection Walkthrough
Plant injection payloads in upstream data sources consumed by LLM applications including packages and documentation.