---
license: mit
tags:
- security-research
- modelscan-bypass
---

# Modelscan Bypass: inspect.getsource Source Code Disclosure

## Summary
Bypasses modelscan 0.7.6 while reading Python source code of any loaded module.

## Chain
1. `importlib.import_module("ssl")` - load target module
2. `inspect.getsource(module)` - read its full source code

## Why It Works
- `inspect` module NOT in modelscan blocklist
- `importlib` NOT blocked (meta-bypass enabling module)
- Can read source of ANY importable module including application code

## Impact
Source code disclosure - reads full Python source of any module. Combined with importlib, can enumerate and read application-specific modules containing secrets, API keys, or business logic.

## Modelscan Result
```
No issues found!
```