Joblib ModelScan Clean-Result Bypass PoC

This repository contains a proof-of-concept model artifact for a responsible disclosure submission through Huntr's Model File Vulnerability program.

The PoC is local-only and harmless. It demonstrates that a crafted .joblib file can be reported as clean by ModelScan 0.8.8 and still create a controlled marker file when it is loaded with joblib.load().

Files

  • sourcefileloader_bypass.joblib - crafted proof-of-concept model artifact
  • reproduce.py - local verification script used to generate, scan, and load the artifact

Safety

The payload:

  • creates only /tmp/joblib_modelscan_sourcefileloader_marker
  • writes the controlled text modelscan-bypass-ok
  • uses no network callback
  • does not read secrets
  • performs no destructive action

Tested Environment

  • Python 3.12.13
  • joblib 1.5.3
  • modelscan 0.8.8
  • macOS arm64

Artifact Hash

sourcefileloader_bypass.joblib
SHA256: e912322903b850de2ef8e164e08174a56f1ff8dd660833222a4d344595ba8e7e

Responsible Disclosure

This repository is intended only for authorized review by Huntr and Protect AI reviewers. Do not load the model outside an isolated local test environment.
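A clean scanner verdict is not a sufficient gate before joblib.load(). The following pre-load check is an added example, not part of this repository: it walks the pickle opcode stream with pickletools without executing it and reports every module the stream would import outside an assumed allowlist of numpy, scipy, sklearn and joblib. Joblib dumps that embed numpy arrays interleave raw bytes that the walker cannot parse; such a stream is reported as unparseable rather than cleared.

```python
import pickle
import pickletools

# Assumed allowlist: top-level modules a scikit-learn model saved with joblib is
# expected to reference. Anything else (importlib, os, subprocess, builtins, ...)
# is reported so the artifact is never cleared on a scanner's verdict alone.
ALLOWED_TOP_LEVEL_MODULES = frozenset({"numpy", "scipy", "sklearn", "joblib"})

STRING_OPCODES = {"STRING", "BINSTRING", "SHORT_BINSTRING",
                  "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Statically walk a pickle opcode stream (never executing it) and return
    every (module, name) pair it would import via GLOBAL or STACK_GLOBAL.
    A stream that cannot be walked to STOP yields a sentinel entry instead of
    being silently treated as clean."""
    found: list[tuple[str, str]] = []
    recent_strings: list[str] = []  # STACK_GLOBAL consumes the two preceding strings
    try:
        for opcode, arg, _pos in pickletools.genops(data):
            if opcode.name == "GLOBAL":            # protocol <= 3: "module name"
                module, name = arg.split(" ", 1)
                found.append((module, name))
            elif opcode.name == "STACK_GLOBAL":    # protocol >= 4
                if len(recent_strings) >= 2:
                    name, module = recent_strings.pop(), recent_strings.pop()
                    found.append((module, name))
                else:  # operands came from the memo; report rather than guess
                    found.append(("<unresolved>", "<unresolved>"))
            elif opcode.name in STRING_OPCODES:
                recent_strings.append(arg)
    except Exception as exc:  # truncated stream, unknown opcode, embedded raw bytes
        found.append(("<unparseable>", type(exc).__name__))
    return found


def suspicious_globals(data: bytes) -> list[tuple[str, str]]:
    """Return the referenced globals that fall outside the allowlist."""
    return [(module, name) for module, name in referenced_globals(data)
            if module.split(".", 1)[0] not in ALLOWED_TOP_LEVEL_MODULES]


# Constructed samples: a plain-data pickle, and one that pickles a callable by
# reference (harmless, but exactly the kind of import a loader would perform).
PLAIN_DATA_SAMPLE = pickle.dumps({"coef": [0.5, -1.25], "intercept": 0.1})
CALLABLE_REF_SAMPLE = pickle.dumps(print, protocol=4)

if __name__ == "__main__":
    for label, blob in (("plain", PLAIN_DATA_SAMPLE), ("callable", CALLABLE_REF_SAMPLE)):
        print(label, suspicious_globals(blob))
```

Run the check on the artifact bytes before any joblib.load() and refuse to load when the returned list is non-empty, including the sentinel entries.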
