Which term describes vulnerabilities in any component that an AI system relies on, which could compromise the entire stack?

Supply chain vulnerabilities describe weaknesses in any component the AI system relies on, and these can compromise the entire stack. An AI setup depends on data sources, model weights and architectures, software libraries, hardware, and external services. If any part is compromised—whether through tampered data, a backdoored model, malicious dependencies, or faulty hardware—the integrity and trustworthiness of the whole system can be undermined, leading to manipulated outputs, data leakage, or outages. A model backdoor attack refers to a specific malicious implant inside a model, not the broader risk across all components. Vendor lock-in is about dependence on a single supplier, not vulnerabilities across the stack. Productivity impact is a consequence, not a type of vulnerability.