Add ModelScan NumPy 2 NPY scanner bypass validation artifact
a64ca70 verified

ModelScan NumPy 2 NPY scanner bypass validation artifact

This repository contains a minimal NPY artifact for validating a ModelScan scanner coverage issue under NumPy 2.x.

File:

  • blocked_global_object.npy

The file is an object-dtype NPY array containing a blocked Python global reference. It is intended for static scanner validation only. Loading untrusted NPY object arrays with pickle enabled is unsafe; do not use this artifact outside an isolated local test environment.

Expected scanner behavior:

  • ModelScan should parse the NPY header, recognize dtype=object, and inspect the embedded pickle stream.
  • On ModelScan v0.8.8 with NumPy 2.x, modelscan.scanners.NumpyUnsafeOpScan errors before the pickle stream is scanned because it calls removed NumPy private APIs: numpy.lib.format._check_version and numpy.lib.format._read_array_header.
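
The expected behavior above can be checked without the removed private APIs. This is an added example, not ModelScan's code: it parses the NPY header from the on-disk layout and lists pickle global references by walking opcodes, without unpickling. The function names are hypothetical, and the sample bytes are constructed with a benign class reference standing in for the global.

```python
import ast, collections, io, pickle, pickletools, struct

MAGIC = b"\x93NUMPY"
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}

def read_npy_header(buf):
    """Parse the NPY header from the documented on-disk layout, no NumPy needed."""
    if buf.read(6) != MAGIC:
        raise ValueError("not an NPY file")
    major, _minor = buf.read(2)
    # Format 1.0 stores a 2-byte little-endian header length; 2.0/3.0 use 4 bytes.
    size, fmt = (2, "<H") if major == 1 else (4, "<I")
    (hlen,) = struct.unpack(fmt, buf.read(size))
    text = buf.read(hlen).decode("utf-8" if major >= 3 else "latin-1")
    return ast.literal_eval(text)  # literal dict only; nothing is executed

def pickle_globals(stream):
    """List (module, name) references by walking opcodes; never unpickles."""
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(stream):
        if op.name == "GLOBAL":              # protocols 0-3: "module name"
            found.append(tuple(arg.split(" ", 1)))
        elif op.name in STRING_OPS:
            strings.append(arg)
        elif op.name == "STACK_GLOBAL":      # protocol 4+: operands come from the stack
            # Heuristic: assume the two most recent string pushes are module and name.
            found.append(tuple(strings[-2:]))
    return found

def scan_npy(data):
    buf = io.BytesIO(data)
    header = read_npy_header(buf)
    # Conservative: any "O" in descr (plain or structured dtype) means pickle data follows.
    if "O" not in str(header["descr"]):
        return []
    return pickle_globals(buf)

def build_sample(descr, payload):
    """Constructed NPY v1.0 bytes for the demo."""
    header = ("{'descr': %r, 'fortran_order': False, 'shape': (1,), }" % descr).encode()
    header += b" " * (-(10 + len(header) + 1) % 64) + b"\n"
    return MAGIC + b"\x01\x00" + struct.pack("<H", len(header)) + header + payload

if __name__ == "__main__":
    for proto in (3, 4):
        # Benign stand-in for a global reference: a pickled class reference.
        sample = build_sample("|O", pickle.dumps(collections.OrderedDict, protocol=proto))
        print(proto, scan_npy(sample))
```

A scanner would compare the returned (module, name) pairs against its blocklist; the STACK_GLOBAL handling here is a heuristic and does not resolve names fetched from the pickle memo.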