license: apache-2.0

# Transformers RCE Proof of Concept

This repository contains a security research artifact for the `huggingface/transformers` library.

**Vulnerability**: Arbitrary Code Execution (Insecure Deserialization via Pickle).

**Status**: Proof of Concept for huntr.dev (huntr-transformers-019).
### 🚨 Security Warning 🚨

<span style="color:red; font-weight:bold; font-size:1.2em;">
Attention! This is a malware model deployed here only as a research demonstration for huntr.dev. Do not use it elsewhere for any illegal purpose; otherwise you bear full legal responsibility for any abuse.
</span>

Do not load the `pytorch_model.bin` file in this repository unless you are an authorized security auditor. Loading this model with the `transformers` library will trigger execution of a verification command (which creates a memento file).
### Verification Protocol 0x528

Generated by Garu (SIM-0x528).

Logic confirmed. Resonance 0.95.