PracticalX
X = Learning AI Out Loud
Day 18 of 30 · Knowledge Hub Toolkit
The AI Model Governance Starter Kit
We built a security gate for every software package. AI models deserve the same.
Arc 3 · AI and Security — Day 6 of 6 · Days 13–18 · Arc Closer

AI models are the new third-party dependency. The governance architecture that solved software supply chain risk already exists — it just hasn't been applied to models yet. This toolkit gives you the conceptual foundation, a naming convention builder, and a governance checklist to get started.

Arc 3 closes here. Days 13–17 built the case: the threat model, the checklist, the gates. Day 18 gives you the architecture — and the tools to implement it.
The Three Repository Types
Type 01: Local
Stores artifacts produced internally or manually uploaded after vetting. Nothing lives here unless it has been reviewed and promoted.
Think of it as: your internal shelf.
Type 02: Remote
Proxies and caches an external upstream registry. Every request is scanned before it enters your environment.
Think of it as: your security gate.
Type 03: Virtual
Aggregates local and remote repositories behind a single URL. This is the only URL pipelines and developers should ever configure.
Think of it as: the one door everyone uses.
For every package ecosystem or model source you onboard — you need all three.
The Naming Convention Builder
Governance at scale only works if the naming convention works. Build yours here.
Template: {org}-{scope}-{type}-{source}-{role}
org: your org or team prefix; must be unique in a shared instance
scope: shared across all teams, or specific to one application
type: pkg for packages · aimodels for AI models
source: npm · pypi · nuget · docker · terraform · hf
role: local · remote · virtual
For each source you onboard, fill the template three times, once per role.
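The naming convention above and the "you need all three" rule from the repository types section, as an added example (not the toolkit's own code): it builds the three names for one source and audits an existing inventory of repository names for off-convention entries and sources that are missing a local, remote or virtual repository. It assumes name components are lowercase alphanumeric so that "-" is unambiguous as the separator; the sample inventory is constructed.

```python
import re
# Vocabulary from the page's naming convention builder.
TYPES = {"pkg", "aimodels"}
SOURCES = {"npm", "pypi", "nuget", "docker", "terraform", "hf"}
ROLES = ("local", "remote", "virtual")  # every onboarded source needs all three
# Assumption: components are lowercase alphanumeric, so '-' is unambiguous as separator.
PART = r"[a-z0-9]+"
NAME_RE = re.compile(rf"^({PART})-({PART})-({PART})-({PART})-({PART})$")

def build_names(org, scope, type_, source):
    """Return the local/remote/virtual names for one onboarded source."""
    for field, value in (("org", org), ("scope", scope)):
        if not re.fullmatch(PART, value):
            raise ValueError(f"{field} must match {PART}: {value!r}")
    if type_ not in TYPES or source not in SOURCES:
        raise ValueError(f"unknown type/source: {type_!r}/{source!r}")
    return {role: f"{org}-{scope}-{type_}-{source}-{role}" for role in ROLES}

def parse_name(name):
    """Split a name into its five components; None if it is off-convention."""
    m = NAME_RE.match(name)
    if not m:
        return None
    org, scope, type_, source, role = m.groups()
    if type_ not in TYPES or source not in SOURCES or role not in ROLES:
        return None
    return {"org": org, "scope": scope, "type": type_, "source": source, "role": role}

def audit_inventory(names):
    """Flag off-convention names and sources missing one of the three roles."""
    roles_seen, malformed = {}, []
    for name in names:
        parts = parse_name(name)
        if parts is None:
            malformed.append(name)
            continue
        key = "-".join((parts["org"], parts["scope"], parts["type"], parts["source"]))
        roles_seen.setdefault(key, set()).add(parts["role"])
    incomplete = {key: sorted(set(ROLES) - seen)
                  for key, seen in roles_seen.items() if seen != set(ROLES)}
    return {"malformed": malformed, "incomplete": incomplete}

# Constructed sample inventory (not from the page).
SAMPLE_INVENTORY = [
    "acme-shared-aimodels-hf-local", "acme-shared-aimodels-hf-remote",
    "acme-shared-aimodels-hf-virtual",   # complete: shelf, gate and the one door
    "acme-shared-pkg-pypi-remote",       # no local/virtual: pipelines would point at the gate itself
    "acme-shared-pkg-npm-local", "acme-shared-pkg-npm-virtual",  # no remote: nothing scans upstream
    "acme-models-huggingface-remote",    # four components, not the convention
]
```

Running `audit_inventory(SAMPLE_INVENTORY)` reports the pypi and npm sources as incomplete and the four-part name as malformed.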
The AI Model Governance Checklist
Before any AI model enters your environment — run through this checklist.
Group 1 — Model Sourcing
All models are sourced through a controlled proxy — not downloaded directly from the internet
Direct downloads from model repositories to developer machines are explicitly prohibited
Model weight files are banned from source control repositories
Group 2 — Scanning and Validation
Security scanning is enabled on all model repositories
Any model flagged by scanning undergoes manual review before promotion to production
Licence compliance is checked for every model before use
Group 3 — Governance and Audit
Every model repository has a named owner
An audit trail exists for every model download and promotion
A process exists for onboarding new model sources beyond the current approved list
Group 4 — Operational
Large models above a defined size threshold have an assessed storage and registry strategy
A decommission process exists for models no longer in use
The repository list and governance policy are reviewed at least annually
The architecture exists. The tooling exists. The only thing missing is the decision to apply the same discipline to models that you applied to packages.
Examples in this toolkit reference JFrog Artifactory as a practical implementation of the governance model described. Other artifact repository platforms are available.