Reliable across most dimensions, with minor gaps in documentation, evaluation, or ecosystem signal. Safe to deploy after addressing the listed remediation steps.
Weighs the risk profile of every model weight file in the repo. SafeTensors files are safe by design (tensor data and a JSON header, no executable content); pickle-derived formats can execute arbitrary code on load.
Suggested fixes
• Prefer SafeTensors over pickle-based formats wherever possible.
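As an added illustration (not the scorer's own code), a Python check that applies this dimension's rule to a repo: it classifies each weight file by extension and by leading bytes, validates safetensors framing so a merely renamed file does not pass as safe, and flags anything that could execute code on load. The extension lists and the sample repo are assumptions constructed for the example.

```python
import json
import struct
from pathlib import PurePosixPath

# Extension classes (assumption: the scorer's real rubric is not public; these
# follow the loaders behind each format).
SAFE_BY_DESIGN = {".safetensors"}
PICKLE_DERIVED = {".bin", ".pt", ".pth", ".ckpt", ".pkl", ".pickle"}

def safetensors_header(data: bytes) -> dict:
    """Validate safetensors framing: 8-byte little-endian header length, then a
    JSON object. A file merely renamed to .safetensors fails here."""
    if len(data) < 8:
        raise ValueError("too short for safetensors framing")
    (n,) = struct.unpack("<Q", data[:8])
    if n > len(data) - 8:
        raise ValueError("header length exceeds file size")
    header = json.loads(data[8:8 + n].decode("utf-8"))
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    return header

def classify_weight_file(name: str, data: bytes) -> str:
    """Return 'safe', 'pickle-derived', 'invalid-safetensors' or 'unknown'.
    Content is checked too: a bare pickle stream (0x80 + protocol byte) or a
    zip container (PyTorch's newer .pt layout, 'PK' magic) counts as
    pickle-derived whatever its extension."""
    ext = PurePosixPath(name).suffix.lower()
    if ext in SAFE_BY_DESIGN:
        try:
            safetensors_header(data)
            return "safe"
        except (ValueError, UnicodeDecodeError):  # JSONDecodeError is a ValueError
            return "invalid-safetensors"
    if ext in PICKLE_DERIVED or data[:1] == b"\x80" or data[:2] == b"PK":
        return "pickle-derived"
    return "unknown"

def score_repo(files: dict) -> dict:
    """files maps repo path -> leading bytes. Returns per-file verdicts and a
    remediation flag set whenever any file could execute code on load."""
    verdicts = {name: classify_weight_file(name, data) for name, data in files.items()}
    flagged = sorted(n for n, v in verdicts.items() if v not in ("safe", "unknown"))
    return {"verdicts": verdicts, "flagged": flagged, "needs_remediation": bool(flagged)}

# Constructed sample repo (not real model files).
_hdr = json.dumps({"w": {"dtype": "F32", "shape": [2], "data_offsets": [0, 8]}}).encode()
SAMPLE_REPO = {
    "model.safetensors": struct.pack("<Q", len(_hdr)) + _hdr + b"\x00" * 8,
    "pytorch_model.bin": b"\x80\x02}q\x00.",  # pickle protocol 2 stream
    "renamed.safetensors": b"not a real header",
    "README.md": b"# model card",
}
```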
Documentation completeness mapped to the EU AI Act Article 13 transparency requirements: intended use, limitations, training-data summary, evaluation tables, contact info, and risk notes.
Suggested fixes
• Add an intended-use section and an evaluation table to the model card.
Whether the model card declares a standard SPDX licence; whether the YAML metadata licence tag matches the prose; whether the licence permits the use case you're scoring it for.
Suggested fixes
• Declare an explicit SPDX identifier in the YAML metadata block.
• If your org is established, request HF verification to lift the namespace ceiling.
Whether the card discloses safety, bias, or fairness evaluations against recognised benchmarks. Partial credit awarded for each disclosed evaluation.
Suggested fixes
• Run + publish at least one bias-evaluation benchmark (HELM, BBQ, RealToxicityPrompts).
Coverage of regulator-required disclosures: EU AI Act Article 13 signals, NIST AI RMF references, training-data provenance, energy + emissions disclosure.
Suggested fixes
• Add a section mapping the card to EU AI Act Art. 13 disclosure requirements.
Community signal (Discussions, PRs, commit activity), external provenance (GitHub repo + arXiv paper + Papers With Code), and cross-platform attestation lookups.
Suggested fixes
• Link the corresponding arXiv paper + GitHub repo from the model card.