231_017 · prediction · AI · AI-scaling

A major supply chain attack from untrusted open-weight code generation models is absolutely a threat vector.

Predictor: Alex Wissner-Gross · ep#231 "Top AI News: Sonnet 4.6, Grok 4.2, Gemini 3 Deep Think, and OpenClaw | EP #231" · source

Prior probability: 50.0%
Current probability: 41.9% (evolves via intake + LBP)
Conviction: 4/5
Signal quality: B
Resolution: pending
Window: 2028-06-01 – 2028-06-30
Edges in / out: 10 / 5
Tickers exposed: 37

Prediction text

A major supply chain attack from untrusted open-weight code generation models is absolutely a threat vector. | the world to my knowledge has not seen a major supply chain attack yet. that stems from the result of untrusted openweight code generation models rewriting the entire supply chain. But do I think that's possible? Yes, I think that is absolutely a threat vector.

Verbatim quote

From episode "Top AI News: Sonnet 4.6, Grok 4.2, Gemini 3 Deep Think, and OpenClaw | EP #231"
the world to my knowledge has not seen a major supply chain attack yet. that stems from the result of untrusted openweight code generation models rewriting the entire supply chain. But do I think that's possible? Yes, I think that is absolutely a threat vector.

Predictor: Alex Wissner-Gross

κ + Brier as of 2026-05-22
κ (discount): 0.844
Brier: 0.0341 (excellent)
Hits / Misses: 6 / 1 (of 11 resolved)
Hit rate: 54.5%
Calibration plot (stated vs observed)

Evidence about this node from Alex Wissner-Gross is multiplied by κ in /api/intake. Lower κ = less weight; floors at 0.10 (effectively silenced) and caps at 1.00 (full weight).

Reference class

Not linked

This node isn't linked to a reference class. The Bayesian update applies without outside-view blending.

Probability over time

4 prob_history rows
[Chart: probability over time, 0% to 100%, 2026-04-30 to 2026-05-10; prior 50%, current = 41.9%. Legend: intake v2, milestone miss sweep, lbp propagation, reference class assigned, legacy v1, prior_prob (analyst seed).]

Milestone chain

Pre-event signals (upstream prereqs + window checkpoints) → resolution event → downstream cascades. Status/dates update from linked nodes; re-derive nightly via scripts/ops/derive_milestones.py.
Leading chain: 8 fired ✓ · 2 pending
  1. 2025-09-15 · hit · Shai-Hulud npm self-replicating worm with LLM-generated bash script (Sept 2025)
    How: ReversingLabs detects self-replicating worm on npm registry with bash script bearing telltale LLM-generation comment/emoji signatures
    Source: https://asecurityengineer.com/posts/the-rise-of-supply-chain-attacks/ — Shai-Hulud Sept 15 2025 inflection point · conf 95%
    Notes: HIT — first publicly attributed LLM-authored worm in npm registry. Direct precursor to Wissner-Gross threat-vector claim.
  2. 2025-07-01 · hit · Amazon Q VS Code extension compromised — wipe-files prompt injected
    How: Verified open-weight/agentic AI tool ships compromised version with malicious prompt that passes vendor verification and reaches end users
    Source: https://fortune.com/2025/12/15/ai-coding-tools-security-exploit-software/ · conf 90%
    Notes: HIT — Amazon Q extension compromise distributed file-deletion prompt to users. Attack vector validated.
  3. 2026-03-31 · hit · LiteLLM PyPI supply chain compromise exposes Mercor AI training data
    How: OECD AI Incidents Tracker logs supply chain attack on open-source LLM library on PyPI exposing customer data
    Source: https://oecd.ai/en/incidents/2026-03-31-e055 — LiteLLM PyPI compromise (~3.4M daily downloads, two malicious versions live ~3 hours) · conf 95%
    Notes: HIT — confirms LLM-tooling supply chain as live attack vector. Threat vector is no longer hypothetical.
  4. 2026-06-01 → 2027-12-31 · pending · First mass-impact (>100K orgs) supply chain attack with confirmed LLM-rewritten dependency
    How: Single attack chain causes >100,000 confirmed downstream organizations compromised, with forensic attribution of LLM-driven code rewrite as the entry vector
    Source: OECD AI Incidents Tracker, CISA advisories · conf 60%
    Notes: Trajectory escalates from Shai-Hulud (npm worm) and LiteLLM (PyPI). Open question is when scale crosses regulatory threshold.
  5. 2026-06-01 → 2028-06-01 · pending · LoRA adapter or model-weight backdoor attack publicly attributed in Hugging Face / public registry
    How: First publicly disclosed incident where a malicious LoRA adapter or open-weight model checkpoint introduces a backdoor used in subsequent supply chain compromise
    Source: Hugging Face security disclosures, NeuralTrust 2026 supply chain reports · conf 70%
    Notes: NullBulge already weaponized Hugging Face/GitHub repos. LoRA-level backdoors flagged as next-generation vector.

What if this resolves?

Clamp this prediction TRUE or FALSE and run a counterfactual Gibbs sample. Surfaces the predictions whose marginals shift most under that assumption.
(live posterior: 42%)


Evidence chain

Every probability update with full Bayesian provenance — chronological, latest first
LBP · 2026-05-10T02:00:02Z · 41.9% · -1.0pp
Network propagation: 42.9% → 41.9%
6-iter LBP, residual 0.00584 · damping 0.5, w_intrinsic 0.5 · method lbp_v3 · run e5c18d29

LBP · 2026-05-03T02:00:01Z · 42.9% · -1.6pp
Network propagation: 44.5% → 42.9%
6-iter LBP, residual 0.00677 · damping 0.5, w_intrinsic 0.5 · method lbp_v3 · run 1a683ac9

LBP · 2026-04-30T16:39:51Z · 44.5% · -2.4pp
Network propagation: 46.8% → 44.5%
5-iter LBP, residual 0.00825 · damping 0.5, w_intrinsic 0.5 · method lbp_v2 · run 0c8a4ea3

LBP · 2026-04-30T02:18:57Z · 46.8% · -3.2pp
Network propagation: 50.0% → 46.8%
5-iter LBP, residual 0.00825 · damping 0.5, w_intrinsic 0.5 · method lbp_v1 · run 592311ef

Network propagation neighbors

Top edges sorted by latest LBP cross-impact

Top incoming (parents)

Edges that influence THIS node's belief

| Kind | Node | Their prob | P(c\|s=T) | P(c\|s=F) | Δ implied |
|---|---|---|---|---|---|
| killer | TK09 Energy Grid Cap (Data Center Power Wall) | 35.0% | 0.050 | 0.500 | -0.077 |
| prereq | SEM_027 Nvidia Data Center revenue +66% YoY, contributing ~90% of $5 (Joseph Moore) | 68.3% | 0.500 | 0.050 | -0.067 |
| killer | TK05 Rate Regime Persistence (10y > 5% through 2028) | 30.0% | 0.050 | 0.500 | -0.054 |
| killer | TK03 AI Regulatory Moratorium (EU/US Capability Freeze) | 10.0% | 0.050 | 0.500 | +0.036 |
| prereq | SEM_012 Nvidia quadrupled chip production output while only doubling (Jensen Huang) | 75.0% | 0.500 | 0.050 | -0.035 |

Top outgoing (children)

Predictions THIS node influences

| Kind | Node | Their prob | P(c\|s=T) | P(c\|s=F) | Δ implied |
|---|---|---|---|---|---|
| prereq | 246_017 Europa Clipper will arrive at Jupiter in 2030, conducting 50 (Peter Diamandis) | 37.7% | 0.650 | 0.050 | -0.080 |
| prereq | 247_035 Dario Amodei will solve most/all neurological diseases by en (Dario Amodei) | 38.8% | 0.700 | 0.050 | -0.070 |
| prereq | 246_016 Dragonfly nuclear-powered octicopter arrives at Titan in 203 (Peter Diamandis) | 35.6% | 0.650 | 0.050 | -0.059 |
| prereq | 230_020 Peter's 14-year-old son Milan will never get a driver's lice (Peter Diamandis) | 34.7% | 0.650 | 0.050 | -0.049 |
| prereq | 232_055 We're exiting the industrial age permanently as recursive se (Peter Diamandis) | 35.5% | 0.700 | 0.050 | -0.037 |

Ticker exposure

37 ticker(s) linked

Beneficiaries (24)

MU, WULF, IREN, EQIX, ALAB, APLD, ASMIY, ASML, PLAB, NVDA, NBIS, CRWV, AAPL, AMT, AMZN, DELL, GOOGL, IRM, LNVGY, META, MSFT, ORCL, SFTBY, STX

Adverse (6)

ACN, GEN, CHGG, IBM, WNS, LRN

Prerequisites (10)

Predictions that must hit first
| Type | Pred | Title | Domain | Lag |
|---|---|---|---|---|
| prereq | SEM_011 | Nvidia became the world's first $5 trillion company (late 2025), operating a near-monopoly on advanced AI chips. | Capital Markets | |
| prereq | SEM_027 | Nvidia Data Center revenue +66% YoY, contributing ~90% of $57B fiscal Q3 revenue; >$4.5T market cap entirely underpinned by AI silicon. | Capital Markets | |
| prereq | SEM_014 | Nvidia's Arizona-based TSMC factory successfully fabricated cutting-edge semiconductors on US soil for first time in decades (October 2025). | Manufacturing | |
| prereq | SEM_029 | Blackwell RTX PRO 5000 (72GB) engineered with 50% memory boost over previous generation — deliberate architectural concession for larger AI training. | Semis/Products | |
| prereq | SEM_012 | Nvidia quadrupled chip production output while only doubling human headcount — achieved by deploying AI coding tools (Cursor, Claude Code) across engineering. | AI/Manufacturing | |
| killer | TK09 | Energy Grid Cap (Data Center Power Wall) | | |
| killer | TK05 | Rate Regime Persistence (10y > 5% through 2028) | | |
| killer | TK01 | AGI Capability Plateau (2026-27 Training Stall) | | |
| killer | TK02 | AI Compute Supply Shock (TSMC/Taiwan Disruption) | | |
| killer | TK03 | AI Regulatory Moratorium (EU/US Capability Freeze) | | |

Dependents (5)

Predictions enabled by this
| Type | Pred | Title | Domain | Lag |
|---|---|---|---|---|
| prereq | 232_055 | We're exiting the industrial age permanently as recursive self-improvement unfolds. | AI | |
| prereq | 247_035 | Dario Amodei will solve most/all neurological diseases by end of decade | Biotech/Longevity | |
| prereq | 230_020 | Peter's 14-year-old son Milan will never get a driver's license. | Auto/Transport | |
| prereq | 246_017 | Europa Clipper will arrive at Jupiter in 2030, conducting 50 passes near Europa. | Space | |
| prereq | 246_016 | Dragonfly nuclear-powered octicopter arrives at Titan in 2034. | Space | |

Linked documents (10)

Auto-generated by cosine similarity from Polymarket / Manifold / EDGAR / GDELT
| Sim | Source | Title | Market prob | Polarity | Reviewed | Published |
|---|---|---|---|---|---|---|
| 0.645 | arxiv | DiffusionHijack: Supply-Chain PRNG Backdoor Attack on Diffusion Models and Quantum Random Number Defense | | mentions | pending | 2026-05-13 |
| 0.639 | arxiv | Steering Vectors are an Adversarial Attack Surface | | mentions | pending | 2026-06-04 |
| 0.628 | arxiv | VectorSmuggle: Steganographic Exfiltration in Embedding Stores and a Cryptographic Provenance Defense | | mentions | pending | 2026-05-13 |
| 0.624 | arxiv | Attack Detection using Time Series Foundation Models | | mentions | pending | 2026-06-04 |
| 0.616 | arxiv | Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study | | mentions | pending | 2026-05-13 |
| 0.614 | arxiv | On the Security of Research Artifacts | | mentions | pending | 2026-05-07 |
| 0.608 | arxiv | LeakDojo: Decoding the Leakage Threats of RAG Systems | | mentions | pending | 2026-05-07 |
| 0.585 | github_release | tensorflow/tensorflow v2.18.1 | | mentions | pending | 2025-03-11 |
| 0.582 | github_release | tensorflow/tensorflow v2.14.1 | | mentions | pending | 2023-11-14 |
| 0.578 | manifold | figure out the code - Insider trading and bluffing | | mentions | pending | 2026-05-06 |

Raw metadata

From Thesis_Timeline_v1.0_FINAL workbook
{
  "nia": false,
  "url": "https://www.youtube.com/watch?v=HklyjXKYFng",
  "mode": "PREDICTION",
  "role": "Host",
  "context": "the world to my knowledge has not seen a major supply chain attack yet. that stems from the result of untrusted openweight code generation models rewriting the entire supply chain. But do I think that's possible? Yes, I think that is absolutely a threat vector.",
  "to_year": 2030,
  "verbatim": "the world to my knowledge has not seen a major supply chain attack yet. that stems from the result of untrusted openweight code generation models rewriting the entire supply chain. But do I think that's possible? Yes, I think that is absolutely a threat vector.",
  "conv_cues": "absolutely",
  "direction": "HAPPEN",
  "from_year": 2026,
  "timeframe": "future",
  "conv_level": "HIGH",
  "milestones": [
    {
      "kind": "llm_pre_event",
      "label": "Shai-Hulud npm self-replicating worm with LLM-generated bash script (Sept 2025)",
      "notes": "HIT — first publicly attributed LLM-authored worm in npm registry. Direct precursor to Wissner-Gross threat-vector claim.",
      "source": "https://asecurityengineer.com/posts/the-rise-of-supply-chain-attacks/ — Shai-Hulud Sept 15 2025 inflection point",
      "status": "hit",
      "weight": 0.4,
      "ordinal": -10,
      "source_id": null,
      "confidence": 0.95,
      "source_url": "https://asecurityengineer.com/posts/the-rise-of-supply-chain-attacks/",
      "expected_date": "2025-09-15",
      "observed_date": "2025-09-15",
      "research_origin": "deep_research",
      "measurement_criterion": "ReversingLabs detects self-replicating worm on npm registry with bash script bearing telltale LLM-generation comment/emoji signatures"
    },
    {
      "kind": "llm_pre_event",
      "label": "Amazon Q VS Code extension compromised — wipe-files prompt injected",
      "notes": "HIT — Amazon Q extension compromise distributed file-deletion prompt to users. Attack vector validated.",
      "source": "https://fortune.com/2025/12/15/ai-coding-tools-security-exploit-software/",
      "status": "hit",
      "weight": 0.4,
      "ordinal": -9,
      "source_id": null,
      "confidence": 0.9,
      "source_url": "https://fortune.com/2025/12/15/ai-coding-tools-security-exploit-software/",
      "expected_date": "2025-12-15",
      "observed_date": "2025-07-01",
      "research_origin": "deep_research",
      "measurement_criterion": "Verified open-weight/agentic AI tool ships compromised version with malicious prompt that passes vendor verification and reaches end users"
    },
    {
      "kind": "llm_pre_event",
      "label": "LiteLLM PyPI supply chain compromise exposes Mercor AI training data",
      "notes": "HIT — confirms LLM-tooling supply chain as live attack vector. Threat vector is no longer hypothetical.",
      "source": "https://oecd.ai/en/incidents/2026-03-31-e055 — LiteLLM PyPI compromise (~3.4M daily downloads, two malicious versions live ~3 hours)",
      "status": "hit",
      "weight": 0.4,
      "ordinal": -8,
      "source_id": null,
      "confidence": 0.95,
      "source_url": "https://oecd.ai/en/incidents/2026-03-31-e055",
      "expected_date": "2026-03-31",
      "observed_date": "2026-03-31",
      "research_origin": "deep_research",
      "measurement_criterion": "OECD AI Incidents Tracker logs supply chain attack on open-source LLM library on PyPI exposing customer data"
    },
    {
      "kind": "prereq",
      "label": "Nvidia became the world's first $5 trillion company (late 2025), operating a near-monopoly on advanced AI chips.",
      "status": "hit",
      "weight": 0.5,
      "ordinal": -7,
      "source_id": "SEM_011",
      "expected_date": "2026-04-29",
      "observed_date": "2026-04-29"
    },
    {
      "kind": "prereq",
      "label": "Nvidia Data Center revenue +66% YoY, contributing ~90% of $57B fiscal Q3 revenue; >$4.5T market cap entirely underpinned by AI silicon.",
      "status": "hit",
      "weight": 0.5,
   
... (truncated)