Current focus: Trustfall Lite, an open-source CLI for checking local Hugging Face and Ollama model artifacts against a signed registry; and Trustfall Deep, a runtime model-identity protocol in design.
Interested in model provenance, runtime identity, AI security, signed evidence, and making infrastructure boring enough to trust.
https://www.fallrisk.ai
---
I built Trustfall Lite, an open-source CLI that scans local Hugging Face and Ollama model caches, computes artifact hashes, and checks them against a signed public registry.
https://github.com/fallrisk-ai/trustfall-lite
Install:
pipx install fallrisk-trustfall trustfall scan
By default, Trustfall can query the API with artifact hashes. It does not upload model bytes or file paths. There is also a local-only mode:
trustfall registry --refresh trustfall scan --local-only
anthony@fallrisk.ai