I'm looking forward to seeing where this will go. The framework looks very preliminary at the moment, but I'm hopeful this will eventually become quite useful and will contain vectors like side channels and property inference attacks ML engineers don't often think about. I'm definitely going to join the Google Group and try to attend the workshop mentioned in the README. The current framework seems quite conservative in classifying attack vectors.