README.md

# modelscan-bypass-timeit-repeat

## ProtectAI modelscan Bypass PoC

**Module**: `timeit repeat rce`
**Impact**: timeit.repeat RCE bypass - exec() variant
**Scanner**: modelscan 0.7.6 (latest on PyPI)
**Result**: "No issues found" — bypass confirmed

### Reproduction
```bash
pip install modelscan
modelscan scan -p timeit_repeat_rce.pkl
# Output: "No issues found!"
# But pickle.load() executes the payload
```

### Responsible Disclosure
This PoC is uploaded for responsible disclosure via Huntr MFV program.