Keras Nested Lambda PoC โ ModelScan Scanner Bypass
This repository contains a proof-of-concept demonstrating that ModelScan's fails to detect Lambda layers nested inside sub-models in Keras files.
Vulnerability
Target: ModelScan (protectai/modelscan)
Scanner:
Severity: Medium
The scanner only inspects the top-level array in . If a Lambda layer is nested inside a sub-model (a model-as-a-layer pattern), the scanner never recurses and the Lambda goes undetected.
PoC Structure
Reproduction
Root Cause
only iterates one level:
A recursive scan of nested model configs would close this gap.
- Downloads last month
- 10
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐ Ask for provider support