F-MFV-008: ModelScan misses bundled Python code execution in PyTorch Package archives
This repository contains a gated proof-of-concept model artifact for a Huntr Model File Vulnerability submission.
Warning: do not load this artifact outside an isolated test environment. The payload is intentionally harmless and writes only local marker files during controlled reproduction, but it demonstrates a model-load execution path.
Target
- Finding: F-MFV-008
- Target: PyTorch Package / ModelScan
- Scanner: ModelScan 0.8.8
Summary
The PyTorch Package artifact carries bundled Python source that executes a harmless marker during PackageImporter.load_pickle while ModelScan scans only the pickle payload and skips the package source file.
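The gap described above can be checked independently of ModelScan by listing every importable source module an archive bundles next to its pickles. The following is an added example, not part of this submission or of ModelScan's code; it assumes the torch.package zip layout (modules stored as `.py` entries, pickled objects as `.pkl`, metadata under `.data/`) and constructs a minimal benign sample archive inline.

```python
import io
import zipfile

# Layout assumption for torch.package archives: modules are stored as
# "<module path>.py", pickled objects as "*.pkl", and metadata under a
# ".data/" directory (optionally below a top-level archive folder).
METADATA_DIR = ".data"


def find_bundled_source(archive_bytes: bytes) -> dict:
    """Return {'pickles': [...], 'sources': [...]} for a zip-based package."""
    report = {"pickles": [], "sources": []}
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for name in zf.namelist():
            parts = name.split("/")
            # Skip directories and the metadata tree; they are never imported.
            if name.endswith("/") or METADATA_DIR in parts:
                continue
            if name.endswith(".pkl"):
                report["pickles"].append(name)
            elif name.endswith(".py"):
                # Any .py entry is code PackageImporter can import on load_pickle,
                # so it needs review even when the pickle itself looks clean.
                report["sources"].append(name)
    return report


def is_suspicious(report: dict) -> bool:
    """A package that ships source alongside its pickle warrants manual review."""
    return bool(report["sources"])


def build_sample_archive() -> bytes:
    """Constructed sample: one pickle plus one bundled (harmless) module."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(".data/version", "1\n")
        zf.writestr("model/model.pkl", b"\x80\x02N.")  # protocol-2 pickle of None
        zf.writestr("helper/marker.py", "MARKER = 'constructed sample module'\n")
    return buf.getvalue()


if __name__ == "__main__":
    result = find_bundled_source(build_sample_archive())
    print(result, "suspicious:", is_suspicious(result))
```

Run it against a real `.pt` package by passing the file's bytes to `find_bundled_source`; any entry listed under `sources` is code the scanner in this report does not inspect.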
Files
- malicious_package.pt - SHA256: 14d118fd4a7af62fba2e6927b4504bd51ecac244e44c2fccb80f396d9c3532bf
Access
This public repository is gated with manual access review for Huntr MFV triage. protectai-bot has been granted access.