Hugging Face's logo

stuub
/
ACE-Keras-001

Keras
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

ModelScan Bypass โ€” Hidden Lambda in Keras Dense Layer Activation

Summary

Proof-of-concept .keras model file that achieves arbitrary code execution while evading ModelScan v0.8.8 detection entirely.

Reproduction 

pip install keras tensorflow modelscan

# Step 1: Scan (reports clean)
modelscan scan --path model.keras

# Step 2: Load and run (executes code)
python3 -c "
import keras, numpy as np
keras.config.enable_unsafe_deserialization()
model = keras.models.load_model('model.keras')
model.predict(np.zeros((1,5)))
"

Files

  • model.keras โ€” Malicious .keras file with hidden __lambda__ in Dense activation
Downloads last month
-
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support