Large Language Models (LLMs) are increasingly integrated into software systems, giving rise to a new class of systems referred to as LLMware. Beyond traditional source-code components, LLMware embeds or interacts with LLMs that depend on other models and datasets, forming complex supply chains across open-source software (OSS), models, and datasets. However, licensing issues emerging from these intertwined dependencies remain largely unexplored. Leveraging GitHub and Hugging Face, we curate a large-scale dataset capturing LLMware supply chains, including 12,180 OSS repositories, 3,988 LLMs, and 708 datasets. Our analysis reveals that license distributions in LLMware differ substantially from traditional OSS ecosystems. We further examine license-related discussions and find that license selection and maintenance are the dominant concerns, accounting for 84% of cases. To understand incompatibility risks, we analyze license conflicts along supply chains and evaluate state-of-the-art detection approaches, which achieve only 58% and 76% F1 scores in this setting. Motivated by these limitations, we propose LiAgent, an LLM-based agent framework for ecosystem-level license compatibility analysis. LiAgent achieves an F1 score of 87%, improving performance by 14 percentage points over prior methods. We reported 60 incompatibility issues detected by LiAgent, 11 of which have been confirmed by developers. Notably, two conflicted LLMs have over 107 million and 5 million downloads on Hugging Face, respectively, indicating potentially widespread downstream impact. We conclude with implications and recommendations to support the sustainable growth of the LLMware ecosystem.

翻译：大型语言模型（LLM）正日益融入软件系统，催生了一类被称为LLMware的新型系统。除传统源代码组件外，LLMware通过嵌入或交互的方式依赖其他模型与数据集，形成了跨越开源软件（OSS）、模型与数据集的复杂供应链。然而，这些相互交织的依赖关系所产生的许可问题仍鲜有研究。基于GitHub与Hugging Face平台，我们构建了大规模LLMware供应链数据集，涵盖12,180个OSS代码库、3,988个LLM模型及708个数据集。分析表明，LLMware中的许可证分布与传统OSS生态系统存在显著差异。通过考察许可证相关讨论，我们发现许可证选择与维护是开发者最关注的问题，占比达84%。为评估兼容性风险，我们分析了供应链中的许可证冲突现象，并对现有检测方法进行了评估——其在此场景下的F1分数仅为58%与76%。针对现有方法的局限性，我们提出了LiAgent：基于LLM的智能体框架，用于生态系统层级的许可证兼容性分析。LiAgent实现了87%的F1分数，较现有方法提升14个百分点。通过LiAgent检测到的60个兼容性问题中，已有11个获得开发者确认。值得注意的是，其中两个存在冲突的LLM模型在Hugging Face平台的下载量分别超过1.07亿次与500万次，暗示其可能产生的广泛下游影响。最后，我们提出促进LLMware生态系统可持续发展的建议与启示。