AI Bill of Materials Registry
Structured AIBOM dataset for 3,400+ AI models with SPDX licensing, EU AI Act risk classification, safety evaluations, and procurement metadata. Machine-readable, multi-standard, open-source.
What This Registry Covers
SPDX License Normalization
Every model mapped to standardized SPDX identifiers with commercial use rights, modification permissions, and distribution terms.
EU AI Act Risk Tiers
Automated classification into Unacceptable, High, Limited, and Minimal risk tiers per EU AI Act regulatory framework.
Safety Evaluations
541 models with red-teaming results, bias evaluations, and content filtering capabilities. Explicit flags when safety data is absent.
Multi-Standard Alignment
Records map to SPDX 3.0 AI Profile, CycloneDX ML, and NTIA SBOM minimum elements for procurement-ready compliance.
Beyond Raw Model Metadata
The AIBOM Registry is not repackaged upstream data. Our pipeline extracts raw model information and applies enrichment layers that do not exist in any single source: license normalization, regulatory risk classification, 10-dimension quality scoring, cross-provider schema unification, and procurement-ready formats.
Quality Tiers
Every model receives a 10-dimension weighted completeness score covering identity, licensing, training provenance, safety, and compliance. Models are tiered Gold, Silver, or Bronze based on their score.
Use Cases
Enterprise Procurement
Structured metadata for vendor evaluation, license auditing, and supply chain risk assessment across your AI model stack.
Regulatory Compliance
EU AI Act documentation, NIST AI RMF alignment, and NTIA SBOM minimum elements for audit-ready reporting.
Security Research
Centralized access to safety evaluations, red-teaming results, and vulnerability metadata across thousands of models.
Data Products
Available on AWS Data Exchange. JSON, CSV, and Parquet formats with versioned schema guarantees for downstream integration.
Methodology
Data is collected weekly via automated pipelines from model registries, official documentation, and public APIs. Each record undergoes SPDX normalization, EU AI Act risk classification, and 10-dimension quality scoring. All collection scripts are open-source and auditable in the GitHub repository.