File size: 702 Bytes
4fbd953

---
tags:
- security
- proof-of-concept
license: mit
---

# Keras Nested Lambda PoC — ModelScan Scanner Bypass

This repository contains a proof-of-concept demonstrating that ModelScan's  fails to detect Lambda layers nested inside sub-models in Keras  files.

## Vulnerability

**Target:** ModelScan (protectai/modelscan)  
**Scanner:**   
**Severity:** Medium  

The scanner only inspects the top-level  array in . If a Lambda layer is nested inside a  sub-model (a model-as-a-layer pattern), the scanner never recurses and the Lambda goes undetected.

## PoC Structure



## Reproduction



## Root Cause

 only iterates one level:


A recursive scan of nested model configs would close this gap.
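
A sketch of the recursive scan suggested above, as an added example (not code from this repository or from ModelScan). It assumes the Keras model config JSON layout in which each layer entry has a `class_name` and a `config`, and a model's `config` holds a `layers` list; the sample config and both function names are constructed for illustration. It goes one step beyond sub-models by walking every nested dict and list, so wrapper layers that hold an inner layer are covered as well.

```python
import json

# Constructed sample: a Functional model whose second layer is a Sequential
# sub-model that contains a Lambda layer. No real payload is included.
SAMPLE_CONFIG = json.loads("""
{"class_name": "Functional", "config": {"name": "outer", "layers": [
  {"class_name": "InputLayer", "config": {"name": "in"}},
  {"class_name": "Sequential", "config": {"name": "inner", "layers": [
    {"class_name": "Dense", "config": {"name": "d1"}},
    {"class_name": "Lambda", "config": {"name": "hidden", "function": "PLACEHOLDER"}}
  ]}}
]}}
""")


def top_level_only(model):
    """Shape of the gap: inspect the outermost layers list and nothing else."""
    layers = model.get("config", {}).get("layers", [])
    return [l.get("config", {}).get("name") for l in layers
            if l.get("class_name") == "Lambda"]


def find_lambdas(model):
    """Report the path of every Lambda entry at any nesting depth.

    Uses an explicit stack instead of recursion so a deliberately deep
    config cannot exhaust the interpreter's recursion limit mid-scan.
    """
    hits, stack = [], [("model", model)]
    while stack:
        path, node = stack.pop()
        if isinstance(node, dict):
            if node.get("class_name") == "Lambda":
                hits.append(path)
            stack.extend((f"{path}.{k}", v) for k, v in node.items())
        elif isinstance(node, list):
            stack.extend((f"{path}[{i}]", v) for i, v in enumerate(node))
    return sorted(hits)


if __name__ == "__main__":
    print("top-level check:", top_level_only(SAMPLE_CONFIG))
    print("full walk:      ", find_lambdas(SAMPLE_CONFIG))
```

Reporting the path rather than a boolean lets a reviewer see which sub-model carried the Lambda.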