Modelscan Bypass: code.InteractiveInterpreter + operator.methodcaller

Summary

This model file bypasses the ProtectAI modelscan 0.7.6 (latest) scanner and still achieves arbitrary code execution, using Python's code.InteractiveInterpreter class combined with operator.methodcaller.

Bypass Chain

  1. code.InteractiveInterpreter() - creates a Python interactive interpreter instance
  2. operator.methodcaller("runsource", PAYLOAD) - creates a callable that invokes .runsource() with arbitrary Python code
  3. Chain executes: interp.runsource(payload) → arbitrary code execution

Why It Works

  • code module is NOT in modelscan's unsafe_globals blocklist
  • operator.methodcaller is NOT blocked (only operator.attrgetter is blocked)
  • InteractiveInterpreter.runsource() calls compile() then exec() internally
  • modelscan only checks module+function pairs against its blocklist
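
The gap described above, seen from the defender's side: an added example (not code from this page or from modelscan) that lists every global a pickle stream would import without loading it, then compares a deny-list verdict with an allow-list verdict. BLOCKLIST and ALLOWLIST are stand-ins for illustration, and SAMPLE is a constructed stream that only references the names and is never unpickled.

```python
import pickletools

# Stand-in lists for illustration only; not modelscan's real configuration.
BLOCKLIST = {("operator", "attrgetter")}
ALLOWLIST = {("collections", "OrderedDict")}
_PUT = {"PUT", "BINPUT", "LONG_BINPUT"}
_GET = {"GET", "BINGET", "LONG_BINGET"}

def imported_globals(data):
    """Return every (module, name) a pickle stream would import, in order."""
    found, memo, recent = [], {}, []  # recent: pushed strings, None for anything else
    for op, arg, _pos in pickletools.genops(data):  # disassembles, never executes
        if op.name in ("GLOBAL", "INST"):  # protocols 0-3: operand is "module name"
            found.append(tuple(arg.split(" ", 1)))
            recent.append(None)
        elif op.name == "STACK_GLOBAL":  # protocol 4+: uses the two preceding pushes
            pair = tuple(recent[-2:])
            ok = len(pair) == 2 and all(isinstance(s, str) for s in pair)
            found.append(pair if ok else ("?", "?"))  # fail closed when unresolved
            recent.append(None)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = recent[-1] if recent else None
        elif op.name in _PUT:
            memo[arg] = recent[-1] if recent else None
        elif op.name in _GET:
            recent.append(memo.get(arg))
        elif op.name != "FRAME":
            recent.append(arg if isinstance(arg, str) else None)
    return found

def scan(data):
    """Compare a deny-list verdict with an allow-list verdict for one stream."""
    refs = imported_globals(data)
    return {"blocklist": [r for r in refs if r in BLOCKLIST],
            "allowlist": [r for r in refs if r not in ALLOWLIST]}

def _ref(module, name):
    """Protocol 4 bytes that push a reference to module.name (no call opcode)."""
    s = lambda t: b"\x8c" + bytes([len(t)]) + t.encode()
    return s(module) + s(name) + b"\x93"

# Constructed sample: three global references packed into a tuple.
SAMPLE = (b"\x80\x04" + _ref("code", "InteractiveInterpreter")
          + _ref("operator", "methodcaller")
          + _ref("collections", "OrderedDict") + b"\x87.")

if __name__ == "__main__":
    print(scan(SAMPLE))
```

The deny-list pass reports nothing for SAMPLE, while the allow-list pass flags both `code.InteractiveInterpreter` and `operator.methodcaller` because neither is on the short list of globals a model file is expected to need.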

Modelscan Result

Impact

Full arbitrary code execution on model load via pickle.load() or torch.load().

Affected

modelscan 0.7.6 (latest on PyPI as of 2026-04-10)

Responsible Disclosure

Submitted to Huntr for ProtectAI review.
