Scan the AI models #7148
Replies: 1 comment 3 replies
-
|
As far as I know, the AI model is a serialized binary. Is there any way to detect used libraries? |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
|
Yes, it's more like SAST. I'm wondering how SCA scans AI models for vulnerabilities. |
Beta Was this translation helpful? Give feedback.
-
|
Malicious bytecode can be injected into the pickle file where weights are stored. But now the safetensors format for storing model weights is widely used, which does not have this problem. https://huggingface.co/blog/safetensors-security-audit |
Beta Was this translation helpful? Give feedback.
-
Description
Currently, I am working on packaging an AI model, which I downloaded from Hugging Face, into the OCI format and pushing it to Harbor. As a next step, I want to enable the default scanner, Trivy, to scan my AI model. However, it seems that Trivy does not support scanning AI models in this scenario.
I am wondering if Trivy has any plans to support scanning AI models built with the OCI format and report on license and CVE issues for these models.
Target
None
Scanner
None
Beta Was this translation helpful? Give feedback.
All reactions