Cisco has released an open source tool called Model Provenance Kit to help organizations verify the origins and integrity of third-party AI models. The Python-based toolkit creates unique fingerprints for AI models by analyzing metadata, tokenizer similarity, and weight-level identity signals, then compares them against a database to trace lineage and identify potential security vulnerabilities, biases, or tampering. The tool addresses growing concerns about AI model supply chain security as organizations increasingly deploy models from repositories like HuggingFace, where claims about model sources and training data often go unverified.