You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

msgpack-numpy Scanner Evasion PoC (CWE-502)

Security Research - Proof of Concept

This repository contains a malicious .msgpack model file that embeds a pickle payload via msgpack-numpy's numpy object array serialization (dtype='O'). ProtectAI modelscan 0.8.8 returns SCAN_NOT_SUPPORTED for .msgpack files, so the embedded pickle payload bypasses safety scanning.

Files

malicious_model.msgpack — Malicious model file with embedded pickle payload
poc.py — Full PoC script that creates the model, scans it, and demonstrates code execution

Usage

pip install msgpack msgpack-numpy modelscan
python poc.py

Disclaimer

This PoC is for authorized security research only. The payload writes a harmless sentinel file to /tmp/.

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support