AIsbom – open-source CLI to detect "Pickle Bombs" in PyTorch models
SMRTR summary
AIsbom is a security scanner for machine learning artifacts that performs deep binary introspection on model files such as .pt, .pkl, and .safetensors. Unlike generic SBOM tools that only inspect requirements.txt, AIsbom looks inside the serialized model itself: it disassembles the pickle bytecode in .pt/.pkl files to find code-execution risks ("pickle bombs") and reads the embedded metadata (for example the .safetensors header) to surface license problems, all without unpickling or loading the weight tensors into memory.
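The core of the technique described above is static disassembly: instead of calling `pickle.load` (which executes whatever the file asks for), a scanner walks the opcode stream with `pickletools.genops`, records every `GLOBAL`/`STACK_GLOBAL` import the pickle would perform and every call opcode (`REDUCE`, `BUILD`, ...), and applies a policy to the imported names. The example below is added here to illustrate that approach; it is not AIsbom's code. The dangerous-module and allowed-prefix lists are a hypothetical policy, the two "pickle bomb" byte strings are constructed (an `os.system` call in protocol 0 and protocol 4 encodings), and the zip layout used for the fake `.pt` checkpoint (`archive/data.pkl` beside raw blobs under `archive/data/`) is an assumption based on PyTorch's zip-based format.

```python
"""Static pickle-bytecode scanner (added example, not AIsbom's code).

Lists the globals a pickle would import and counts call opcodes without ever
unpickling, so nothing in the file gets executed and no weights are loaded.
"""
import io
import pickle
import pickletools
import zipfile

# Hypothetical policy (assumption): modules a weight file has no business
# importing, vs. module prefixes normally present in PyTorch checkpoints.
DANGEROUS_MODULES = {"os", "posix", "nt", "subprocess", "builtins", "sys",
                     "shutil", "socket", "runpy", "importlib"}
ALLOWED_PREFIXES = ("torch", "collections", "numpy", "_codecs")
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
CALL_OPS = {"REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def classify(module):
    """Severity of one imported global under the policy above."""
    if module is None:
        return "suspicious"          # could not be resolved statically
    if module in DANGEROUS_MODULES:
        return "critical"
    if module.startswith(ALLOWED_PREFIXES):
        return "ok"
    return "suspicious"


def scan_pickle(data: bytes) -> dict:
    """Disassemble with pickletools.genops. String constants and the memo are
    tracked so both GLOBAL (protocol 0-3, module/name inline) and STACK_GLOBAL
    (protocol 4+, module/name pushed as strings just before it) resolve."""
    strings = []          # string constants pushed so far, in order
    memo = {}             # memo slot -> string constant (None if not a string)
    globals_found, calls = [], 0
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            strings.append(arg)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = strings[-1] if strings else None
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = strings[-1] if strings else None
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            strings.append(memo.get(arg))
        elif op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            globals_found.append((module, name, classify(module)))
        elif op.name == "STACK_GLOBAL":
            name = strings.pop() if strings else None
            module = strings.pop() if strings else None
            globals_found.append((module, name, classify(module)))
        elif op.name in CALL_OPS:
            calls += 1
    severities = {g[2] for g in globals_found}
    if "critical" in severities:
        verdict = "malicious"
    elif "suspicious" in severities:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"globals": globals_found, "call_opcodes": calls, "verdict": verdict}


def scan_torch_archive(zip_bytes: bytes) -> dict:
    """Assumed .pt layout: a zip holding `archive/data.pkl` plus raw storage
    blobs under `archive/data/`. Only the pickle member is read."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {n: scan_pickle(zf.read(n))
                for n in zf.namelist() if n.endswith("data.pkl")}


def build_fake_checkpoint(pkl: bytes) -> bytes:
    """Constructed stand-in for a .pt file, using the assumed layout above."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pkl)
        zf.writestr("archive/data/0", b"\x00" * 4096)   # fake weight blob
        zf.writestr("archive/version", b"3\n")
    return buf.getvalue()


# Constructed "pickle bomb", protocol 0: the classic cos\nsystem\n(S'..'\ntR. shape.
BOMB_P0 = b"cos\nsystem\n(S'echo pwned'\ntR."
# Same payload in protocol 4 encoding (STACK_GLOBAL instead of GLOBAL).
BOMB_P4 = (b"\x80\x04"                 # PROTO 4
           b"\x8c\x02os\x94"           # SHORT_BINUNICODE 'os', MEMOIZE
           b"\x8c\x06system\x94"       # SHORT_BINUNICODE 'system', MEMOIZE
           b"\x93"                     # STACK_GLOBAL -> os.system
           b"\x8c\x0aecho pwned\x94"   # SHORT_BINUNICODE 'echo pwned', MEMOIZE
           b"\x85R.")                  # TUPLE1, REDUCE, STOP
# Constructed benign pickles: plain data, and a torch-like OrderedDict rebuild.
CLEAN = pickle.dumps({"weights": [0.1, 0.2], "name": "layer1"}, protocol=4)
TORCH_LIKE = b"\x80\x02ccollections\nOrderedDict\nq\x00)Rq\x01."

if __name__ == "__main__":
    for label, blob in [("bomb p0", BOMB_P0), ("bomb p4", BOMB_P4),
                        ("clean", CLEAN), ("torch-like", TORCH_LIKE)]:
        print(label, scan_pickle(blob))
    print(scan_torch_archive(build_fake_checkpoint(BOMB_P4)))
```

Both bomb encodings resolve to `os.system` with a `critical` rating, the plain dict imports nothing, and the torch-like fragment shows why an allowlist is needed rather than flagging every `REDUCE`: legitimate checkpoints call `collections.OrderedDict` and `torch._utils` rebuild functions on load. The string/memo tracking covers how the standard pickler emits `STACK_GLOBAL`; a hand-crafted pickle can assemble module names through other stack operations, so a production scanner models the full VM stack rather than just string pushes.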
SMRTR provides this summary for quick context. The original article belongs to Hacker News.