Joblib testing subprocess bypass PoC
This repository contains a benign security research proof of concept for a
.joblib file that bypasses common pickle/model scanners and executes a
subprocess during joblib.load().
Files:
- malicious_joblib_testing_subprocess.joblib
- build_poc.py
- reproduce.py
Reproduction:
python3 reproduce.py
Expected observable:
- picklescan reports no dangerous globals
- modelscan reports no issues
- joblib.load() creates /tmp/mfv_joblib_testing_subprocess_20260626.txt
This repository is for defensive security validation and triage only.
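The observable above is the core risk: a scanner can say "no dangerous globals" and the file can still run a callable when it is loaded. One mitigation that does not depend on a scanner's signature list is to refuse, at load time, every global the pickle stream tries to resolve unless it is on an explicit allowlist. The following is an added example for defenders, not code from this repository or from joblib; the allowlist contents and the `_CallsGlobalOnLoad` test object are constructed for the demonstration, and the callable it names (`os.getcwd`) is harmless and stands in for whatever a model file should never be allowed to name. It uses only the standard library so it runs without joblib or numpy.

```python
import io
import os
import pickle

# Allowlist of (module, name) pairs the loader may resolve. Anything else is
# refused before any object is constructed, so no file-chosen callable runs.
# These entries are an assumption for this example; a real deployment lists the
# exact classes its models need (numpy, sklearn, ...).
ALLOWED_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """pickle.Unpickler that resolves only allowlisted globals.

    find_class() is the single choke point: every GLOBAL / STACK_GLOBAL opcode
    in the stream passes through it before the referenced object exists.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name}: not on the allowlist"
        )


def restricted_loads(data: bytes):
    """Deserialize `data` with the allowlist-enforcing unpickler."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load(data: bytes):
    """Return (True, object) on success or (False, reason) if refused."""
    try:
        return True, restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


class _CallsGlobalOnLoad:
    """Constructed test object: its pickle instructs the loader to call
    os.getcwd() during load. Harmless, but it is exactly the shape of a
    stream that executes code at load time."""

    def __reduce__(self):
        return (os.getcwd, ())


def demo():
    """Compare the stock unpickler with the restricted one on two streams."""
    # Plain containers and scalars need no global lookups at all.
    benign = pickle.dumps({"weights": [0.1, 0.2, 0.3], "labels": ["a", "b"]})
    # This stream names a global outside the allowlist and calls it on load.
    executes_on_load = pickle.dumps(_CallsGlobalOnLoad())

    # The stock loader runs the callable: the result is the cwd string.
    stock_ran_callable = pickle.loads(executes_on_load) == os.getcwd()

    return safe_load(benign), safe_load(executes_on_load), stock_ran_callable


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Two caveats a practitioner should keep in mind. First, joblib.load() constructs its own pickle.Unpickler subclass internally and does not accept a user-supplied one, so this allowlist must be applied by whatever loading path the deployment actually uses (wrapping or replacing that unpickler), not bolted on beside joblib.load(). Second, an allowlist is only as good as its contents: adding a broad module such as builtins or os defeats the point, so list individual (module, name) pairs and fail closed on everything else.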