Add F-MFV-008 gated PoC artifact
f6edea0 verified
tags:
  - security
  - huntr
  - modelscan
  - model-file-vulnerability

F-MFV-008: ModelScan misses bundled Python code execution in PyTorch Package archives

This repository contains a gated proof-of-concept model artifact for a Huntr Model File Vulnerability submission.

Warning: do not load this artifact outside an isolated test environment. The payload is intentionally harmless and writes only local marker files during controlled reproduction, but it demonstrates a model-load execution path.

Target

  • Finding: F-MFV-008
  • Target: PyTorch Package / ModelScan
  • Scanner: ModelScan 0.8.8

Summary

The PyTorch Package artifact carries bundled Python source that executes a harmless marker during PackageImporter.load_pickle, while ModelScan inspects only the pickle payload and skips the package's bundled source file.
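As an added example (not part of this submission or of the ModelScan project), a pre-load check that lists the bundled source modules a pickle-only scan never inspects. It assumes the torch.package zip layout (a root directory holding a .data/ metadata directory, saved pickles and interned .py modules) and builds a constructed stand-in archive rather than a real model.

```python
import io
import zipfile
from typing import List


def build_sample_archive(with_source: bool = True) -> bytes:
    """Constructed stand-in for a torch.package archive (assumed layout).

    Mirrors the zip structure torch.package writes: <root>/.data/ metadata,
    a saved pickle, and interned module source. No real model is involved.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("pkg/.data/version", "1\n")
        zf.writestr("pkg/.data/extern_modules", "torch\n")
        zf.writestr("pkg/models/model.pkl", b"\x80\x04N.")  # pickle of None
        if with_source:
            zf.writestr("pkg/mymodule/__init__.py", "print('hello')\n")
            zf.writestr("pkg/mymodule/hook.py", "import os\n")
    return buf.getvalue()


def bundled_source_files(archive: bytes) -> List[str]:
    """Return every Python source entry in the archive, ignoring .data/ metadata.

    A scanner that only walks the pickle payload never sees these files, yet
    torch.package executes them when load_pickle imports the modules the
    pickle references. Listing them is the check ModelScan 0.8.8 lacks.
    """
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        names = zf.namelist()
    found = []
    for name in names:
        parts = name.split("/")
        if parts[1:2] == [".data"]:  # skip <root>/.data/* metadata
            continue
        if name.endswith(".py"):
            found.append(name)
    return sorted(found)


def should_quarantine(archive: bytes) -> bool:
    """Policy: an archive carrying any bundled source is held for manual review."""
    return bool(bundled_source_files(archive))


if __name__ == "__main__":
    for path in bundled_source_files(build_sample_archive()):
        print("bundled source:", path)
```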

Files

  • malicious_package.pt
    • SHA256: 14d118fd4a7af62fba2e6927b4504bd51ecac244e44c2fccb80f396d9c3532bf

Access

This public repository is gated with manual access review for Huntr MFV triage. protectai-bot has been granted access.