Hugging Face
Connect Hugging Face models to generate SBOMs
Hugging Face Integration
Connect models from Hugging Face Hub to Safeguard for AI model SBOM generation and dependency scanning.
Prerequisites
- A Hugging Face account (optional for public models)
- Hugging Face Access Token (for private models or higher rate limits)
Public Models
Hugging Face public models can be scanned without authentication.
Step 1: Navigate to Integrations
Go to Integrations from the sidebar and click Connect on the Hugging Face card.
Step 2: Enter Model Reference
- Select the Public tab
- Enter a Name for this configuration
- Optionally add a Description
- Enter the Hugging Face model ID:
  - Format: organization/model-name or username/model-name
  - Example: meta-llama/Llama-2-7b, openai/whisper-base
- Click Add
Step 3: Review & Connect
- Configure Project Name and Version
- Click Connect to complete
Private Models
For private or gated models, you'll need a Hugging Face Access Token.
Step 1: Navigate to Integrations
Go to Integrations from the sidebar and click Connect on the Hugging Face card.
Step 2: Enter Access Token
- Select the Private tab
- Enter a Name for this configuration
- Optionally add a Description
- Enter your Hugging Face Access Token
- Click Verify Credentials
Step 3: Select Models
- Once verified, browse your models or enter model IDs
- Select the models you want to scan
- Choose specific revisions (optional)
Step 4: Configure & Connect
- Set Project Name and Version for each model
- Click Connect to complete
Creating a Hugging Face Access Token
- Sign in to Hugging Face
- Click your profile picture then Settings
- Select Access Tokens from the sidebar
- Click New token
- Enter a name (e.g., "Safeguard Integration")
- Select token type:
- Read - For scanning public and private models you own
- Write - Not needed for Safeguard
- Click Generate token
- Copy the token immediately
What Gets Scanned
When scanning Hugging Face models, Safeguard analyzes:
| Component | Description |
|---|---|
| Model files | Weights, configs, tokenizers |
| requirements.txt | Python dependencies |
| Model card | Metadata and documentation |
| Config files | Model configuration JSON |
| Preprocessing code | Custom preprocessing scripts |
Supported Model Formats
| Format | Extension | Notes |
|---|---|---|
| SafeTensors | .safetensors | Recommended - most secure |
| PyTorch | .bin, .pt, .pth | Common but uses Pickle |
| TensorFlow | .h5, SavedModel | Keras and TF formats |
| ONNX | .onnx | Cross-platform format |
| GGUF/GGML | .gguf, .ggml | Quantized formats |
Troubleshooting
"Model not found"
- Verify the model ID is correct (case-sensitive)
- Check if the model exists on Hugging Face Hub
- For private models, ensure your token has access
"Access denied"
- For gated models, ensure you've accepted the model's terms
- Verify your token has read access
- Check if the model requires specific permissions
"Credentials verification failed"
- Verify the token was copied correctly
- Check that the token hasn't been revoked
- Ensure the token has the required permissions
Best Practices
- Use read-only tokens - Safeguard only needs read access
- Scan specific revisions - Pin to specific commits for reproducibility
- Check model cards - Review the model's documentation and license
- Prefer SafeTensors - More secure than Pickle-based formats, which can execute code when loaded
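The model ID format above, the Supported Model Formats table and the last two best practices (pin revisions, prefer SafeTensors) come together in the following added example. It is not Safeguard's code and does not show how Safeguard scans; it is an illustration of what a format-aware scan of a repository listing can do. It validates an `organization/model-name` reference, classifies files by the extensions in the table, and for pickle-based weights lists the module imports the pickle would perform by walking its opcodes with `pickletools`, without ever unpickling. The `@revision` suffix on the reference, the `parse_model_reference`, `classify_files`, `pickle_globals` and `assess_repository` names, and the sample repository contents are all assumptions of this example.

```python
"""Added example (not Safeguard's own code): classify Hugging Face repository
files by serialization format and, for pickle-based weights, report the
imports the pickle would trigger, without executing or unpickling anything."""
import pickle
import pickletools
import re
from collections import OrderedDict
from pathlib import PurePosixPath

# Model IDs as the page describes them: organization/model-name or
# username/model-name. Legacy top-level IDs without a slash are out of scope.
MODEL_ID_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*/[A-Za-z0-9][A-Za-z0-9._-]*$")


def parse_model_reference(ref: str):
    """Split 'org/name' or 'org/name@revision' into (model_id, revision).
    The '@revision' suffix is a convention of this example only."""
    model_id, _, revision = ref.partition("@")
    if not MODEL_ID_RE.match(model_id):
        raise ValueError(f"invalid model ID (expected org/name): {model_id!r}")
    return model_id, (revision or None)


# Extension -> (format name from the page's table, whether loading runs pickle)
FORMAT_BY_EXT = {
    ".safetensors": ("SafeTensors", False),
    ".bin": ("PyTorch", True),
    ".pt": ("PyTorch", True),
    ".pth": ("PyTorch", True),
    ".h5": ("TensorFlow", False),
    ".onnx": ("ONNX", False),
    ".gguf": ("GGUF/GGML", False),
    ".ggml": ("GGUF/GGML", False),
}


def classify_files(filenames):
    """Map each weight-like file in a repo listing to its format and pickle flag."""
    out = []
    for name in filenames:
        fmt = FORMAT_BY_EXT.get(PurePosixPath(name).suffix.lower())
        if fmt:
            out.append({"file": name, "format": fmt[0], "uses_pickle": fmt[1]})
    return out


STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def pickle_globals(data: bytes):
    """Return the (module, name) pairs a pickle would import, found by walking
    opcodes with pickletools.genops. Handles GLOBAL/INST (protocol <= 3) and
    STACK_GLOBAL (protocol >= 4), including names fetched back from the memo."""
    imports = []
    memo = {}               # memo slot -> string value (only strings tracked)
    memo_count = 0          # implicit slot index used by the MEMOIZE opcode
    recent = [None, None]   # last two values pushed; None when not a string
    for opcode, arg, _pos in pickletools.genops(data):
        op = opcode.name
        if op in STRING_OPS:
            recent = [recent[1], arg]
        elif op in ("GET", "BINGET", "LONG_BINGET"):
            recent = [recent[1], memo.get(arg)]
        elif op == "MEMOIZE":
            memo[memo_count] = recent[1]
            memo_count += 1
        elif op in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = recent[1]
        elif op in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)  # pickletools renders "module name"
            imports.append((module, name))
            recent = [recent[1], None]
        elif op == "STACK_GLOBAL":
            imports.append((recent[0], recent[1]))
            recent = [recent[1], None]
        else:
            recent = [recent[1], None]
    return imports


def sample_weights_pickle(protocol: int) -> bytes:
    """Constructed stand-in for a pickle-based checkpoint: a state_dict-like
    OrderedDict. Real checkpoints also reference torch classes."""
    return pickle.dumps(OrderedDict(layer=1), protocol=protocol, fix_imports=False)


def assess_repository(ref: str, files: dict):
    """files: repo filename -> bytes (constructed here; a real scan would read
    them from a downloaded snapshot). Returns one finding per weight file."""
    model_id, revision = parse_model_reference(ref)
    findings = []
    for entry in classify_files(files):
        if entry["uses_pickle"]:
            entry["imports"] = pickle_globals(files[entry["file"]])
        findings.append(entry)
    return {"model_id": model_id, "revision": revision,
            "pinned": revision is not None,  # best practice: pin a revision
            "findings": findings}


if __name__ == "__main__":
    repo = {  # constructed listing; the revision below is a placeholder
        "config.json": b"{}",
        "model.safetensors": b"",
        "pytorch_model.bin": sample_weights_pickle(4),
    }
    for finding in assess_repository("openai/whisper-base@commit-sha-placeholder", repo)["findings"]:
        print(finding)
```

A scanner that wants to stay safe never calls `pickle.load` on untrusted weights; walking the opcode stream is enough to see which modules and names the file would import, and anything outside the expected tensor-container classes is a reason to reject the artifact or to prefer the SafeTensors variant of the same model.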