The following features in the Endor Labs application access Artificial Intelligence (AI) services to enhance security analysis, code insights, and developer assistance. You can check whether AI access is currently enabled or disabled for these features.

• LLM code processing Detects AI models from HuggingFace used in Python projects and lists them as dependencies. See View AI model findings.

• DroidGPT Retrieves data from third-party AI tools and correlates it with Endor Labs’ proprietary risk data to identify open source software packages. See Use DroidGPT.

• C/C++ embeddings Enhances detection capabilities of C and C++ software composition analysis (SCA) by using AI-generated embeddings. See Scan C and C++ projects.

Modify AI access

To modify AI feature settings:

1. Select Settings > AI Access from the left sidebar.
2. Click Contact us to submit a request to the support team.
3. The support team will assist you with enabling or disabling AI features based on your organization’s needs.

Endor Labs’ scan can detect AI models and list them as dependencies. These models are flagged and displayed in the scan results. You can define custom policies to flag the usage of specific AI providers, specific AI models, or models with low-quality scores ensuring the use of secure and reliable AI models in your projects.

See AI models detection for the list of external AI models detected by Endor Labs. Only HuggingFace models are scored, as they are open source and provide extensive public metadata. Models from all other providers are detected but not scored due to limited metadata.

Detect AI models

Configure finding policies and perform an endorctl scan to detect AI models in your repositories and review the findings.

1. Configure finding policy to detect AI models with low scores and enforce organizational restrictions on specific AI models or model providers.

2. Download and install Semgrep Community Edition on your machine before you run a AI model scan.

   Although Semgrep supports installation with Brew on macOS, it does not allow installing a specific version. To install Semgrep, you must have a Python environment with pip on your system. We recommend that you install Semgrep version 1.99.0.

   pip install semgrep==1.99.0
   

3. Perform the endorctl scan using the following command:

   endorctl scan --ai-models --dependencies
   

View AI model findings

1. To view all AI model findings detected in your tenant:

   • Navigate to AI Inventory on the left sidebar to view AI findings.
   • Use the search bar to look for any specific models.
   • Select a model, and click to see its details.
   • You can also navigate to Findings and choose AI Models to view findings.

2. To view AI model findings associated with a specific project,

   • Navigate to Projects and select a project.
   • Navigate to Inventory and click AI Models under Dependencies to view findings.

View AI model findings through monitoring scans

By default, AI models are discovered during SCA scans run through GitHub App, Bitbucket App, Azure DevOps App, and GitLab App. You can view the reported AI models under AI Inventory in the left sidebar.

To generate AI model findings:

1. Configure finding policy to detect AI models with low scores and enforce organizational restrictions on specific AI models or model providers.

2. Download and install Semgrep Community Edition on your machine before you run a AI model scan.

   Although Semgrep supports installation with Brew on macOS, it does not allow installing a specific version. To install Semgrep, you must have a Python environment with pip on your system. We recommend that you install Semgrep version 1.99.0.

   pip install semgrep==1.99.0
   

3. View AI Model findings.

4. To disable AI model discovery, set ENDOR_SCAN_AI_MODELS=false in your scan profile.

AI model detection

The following table lists the AI model providers currently supported by Endor Labs for model detection. For each provider, the table includes supported programming languages, if model scoring is available, and a reference link to the provider’s API documentation.

An AI model is a computational system designed to simulate human intelligence by performing tasks such as recognizing patterns, making decisions, predicting outcomes, or generating content. Many open source AI models are freely available for use, modification, and distribution. Just like dependencies, these AI models can bring operational and security risks in the organization that uses them. Gaining visibility into these risks can minimize the vulnerabilities introduced by them.

Endor Labs picks the top ten thousand open source AI models available on Hugging Face and assigns Endor scores to them, so that you can make informed decisions before using them in your organization. See AI Model scores for more information.

To look for AI models, navigate to Discover > AI models.

• Type in the search bar to look for AI Models and click Search AI Models.

  

• Select a search result to view more details such as its security, activity, popularity, or quality score. You can also view complete details of an AI model.

  

• Click Go to Hugging face to see more to view the AI model on Hugging Face website.

Policy templates for AI models

Endor Labs provides the following finding policy templates for detecting AI models that have low Endor score. See Finding Policies for details on how to create policies from policy templates.

To evaluate AI models effectively, we use a multifactor scoring system that assesses popularity, activity, operational integrity, and security.

Each model is assigned a composite score based on the following criteria:

Popularity score factors

The popularity score reflects the model’s adoption and recognition within the AI community. Higher scores indicate greater usage and community engagement.

• Number of downloads: More downloads indicate widespread adoption.

• Number of likes: More likes suggest a positive reception from users.

• Published papers: Models with linked academic papers receive higher credibility.

• GitHub repository: Models with an associated GitHub repository score higher.

• Number of spaces using the model: More integrations suggest broader utility.

Scoring approach for popularity score factors

• Models with many downloads, likes, citations, and integrations score higher.

• Models with fewer engagements score lower.

Activity score factors

The activity score measures how actively a model is discussed and maintained.

• Discussion posts: Active community discussions contribute positively.

• Pull requests: Indicates ongoing maintenance and improvements.

Scoring approach for activity score factors

• Models with frequent discussions and active pull requests score higher.

• Models with limited activity receive lower scores.

Operational score factors

The operational score assesses the model’s reliability, transparency, and usability.

• Reputable provider: Models from well-known sources score higher.

• Model age: Older, well-maintained models may score higher, but outdated models may receive penalties.

• Authorization requirements: Restricted-access models score lower for accessibility but may gain points for security.

• Gated models: If a model requires special access, it may impact usability.

• License information: Models with clear licensing receive higher scores.

• License type: Open licenses (permissive, unencumbered) generally score higher than restrictive ones.

The following factors related to the availability of model metadata are also considered.

• Metric information: Essential for model evaluation.

• Dataset information: Transparency about training data boosts score.

• Base model information: Important for derivative works.

• Training data, fine-tuning, and alignment training information: Increases credibility.

• Evaluation results: Demonstrates model performance.

Scoring approach for operational score factors

Models with comprehensive metadata, reputable providers, and clear licensing score higher.

Models with unclear ownership, restrictive access, or missing details score lower.

Security score factors

The security score evaluates potential risks associated with a model’s implementation and distribution.

• Use of safe tensors: Secure tensor formats boost safety score.

• Use of potentially unsafe files: Formats such as pickle, PyTorch, and Python code files pose security risks.

• Typosquatting risks: Models that could be impersonating popular models receive lower scores.

• Example code availability: Models that contain example code or code snippets can introduce potential issues and hence receive lower scores.

Scoring approach for security score factors

Models that follow best security practices such as safe tensors, clear documentation, or vetted repositories score higher.

Models receive lower scores if they use potentially unsafe formats such as pickle (.pkl) and unverified PyTorch (.pth) or show signs of typosquatting.

Final score calculation

Each category contributes to the overall model score. The final score is a weighted sum of these factors, with weights adjusted based on real-world relevance and risk impact.

Higher scores indicate well-documented, popular, actively maintained, and secure models, while lower scores highlight potential risks or lack of transparency.

This scoring system enables users to make informed decisions when selecting AI models for their projects.

Endor Labs continuously refines and expands its evaluation criteria; this document represents the current methodology snapshot.

DroidGPT derives data from third-party Artificial Intelligence (AI) tools and coordinates it with Endor Labs’ proprietary risk data to help you to quickly and easily research open source software packages.

1. Sign in to Endor Labs application and click Droid GPT under Discover.

2. From Droid GPT, choose an Ecosystem.

3. Type your questions in the search bar and click Ask DroidGPT. Here are a few examples:

   • What are the best logging packages for Java?
   • What AI packages have most permissive license?
   • Which Go packages have the least known vulnerabilities?
   • What are a few packages similar to log4j?

You’ll receive instant answers. All results include risk scores revealing the quality, popularity, trustworthiness, and security of each package.

Enable DroidGPT error logging

Endor Labs integrates with third-party Artificial Intelligence (AI) tools to help you troubleshoot errors while performing software composition analysis, dependency resolution, or generating call graphs during an endorctl scan.

In the event of an error, DroidGPT generates explanations and actionable advice for how to resolve the error on the given host system. These suggestions are displayed as part of the error log messages on the command line and can help you understand why build errors occurred during the scan process and how to resolve them.

Use the ENDOR_SCAN_DROID_GPT environment variable or the --droid-gpt option to enable DroidGPT error logging on your system.

• Enable error logging while performing a scan.

endorctl scan --droid-gpt

• Enable error logging while checking the system specifications required for performing a scan.

endorctl host-check --droid-gpt

DroidGPT error logging example

Here is an example of the recommendations generated by DroidGPT while scanning a Ruby repository where the manifest file is not correctly configured.

*** NOTE: Use the following AI-generated advice at your own risk ***
DroidGPT suggests the following as a possible remediation:
1. The error message indicates that there is a problem parsing the Gemfile, which is preventing the dependency tree from being generated.
2. Specifically, the error message states that there are no gemspecs at the specified location, which is causing Bundler to fail.
3. To fix this issue, you should check that the Gemfile is correctly configured and that all necessary gemspecs are present.
4. Additionally, you may want to try running `bundle install` to ensure that all dependencies are properly installed.
5. Please note that this advice is generated by an AI and there may be additional factors at play that are not captured in the error message. As such, there is no guarantee that these steps will resolve the issue, and you should proceed with caution.