---
library_name: keras
tags:
  - keras
  - example
  - safe-mode-bypass
---

# Poisoned Keras Model Demo

This repository mimics a typical Keras model shared on the Hugging Face Hub.
Running `inference.py` imports `helpers`, which primes TensorFlow's internal
callback registry and patches `tf.saved_model.load`. Even with
`safe_mode=True`, calling the model prints `ENTRY_SCRIPT_SAFE_MODE_BYPASS` via `os.system`.

## Quick Start

```bash
pip install -r requirements.txt
python inference.py
```