security warning on model.onnx

#2
by hugging-joe - opened

Protect AI has raised a security warning about the file model.onnx containing an "architectural backdoor" susceptible to attack.
Are you aware of this, and what is your take on it?
Thanks!

See:
https://protectai.com/insights/models/minishlab/potion-base-8M/dcbec7aa2d52fc76754ac6291803feedd8c619ce/files?blob-id=975e384201f4a58a73772242f4797ab37464bdff&utm_source=huggingface

The Minish Lab org

Hi @hugging-joe, we believe this is a false positive, rather than a genuine "architectural backdoor" as described in the linked article. Our ONNX conversion code is available here: https://github.com/MinishLab/model2vec/blob/main/scripts/export_to_onnx.py. As you can see, there are no actual suspicious branches/pathways in the code. I think that this flagging most likely happens because we have an unconventional forward pass due to the static nature of our models.
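A way for a reader to check the "no suspicious branches" claim on their own copy of a model, as an added example that is not part of this thread and not code from Minish Lab or Protect AI: the thread does not say what rule the scanner applied, so the heuristic below is an assumption of my own. It walks an ONNX graph (including subgraphs nested in `If`/`Loop`/`Scan` attributes, which are real ONNX operators), lists control-flow nodes, and reports nodes whose outputs never reach a graph output. Both sample graphs are constructed here; the straight-line one is loosely modelled on a static-embedding forward pass (`Gather` of token vectors followed by `ReduceMean`) as an assumption about what such an export looks like, and the branching one shows how a genuine conditional path shows up in the report.

```python
"""Triage helper for branch-related warnings on ONNX graphs (added example).

Assumed heuristic, not the scanner's actual rule set: enumerate control-flow
operators, recurse into their subgraphs, and flag nodes that do not feed any
graph output. A static model should come out as a single straight-line path.
"""
from collections import deque

# Real ONNX operators that carry subgraphs in their attributes.
CONTROL_FLOW_OPS = {"If", "Loop", "Scan"}


def onnx_graph_to_nodes(graph):
    """Convert an onnx.GraphProto into the plain dict form used by triage().

    Only this function needs the `onnx` package; call it as
    onnx_graph_to_nodes(onnx.load("model.onnx").graph) on a real file.
    """
    import onnx
    nodes = []
    for n in graph.node:
        node = {"name": n.name or n.op_type, "op": n.op_type,
                "inputs": list(n.input), "outputs": list(n.output), "subgraphs": []}
        for attr in n.attribute:
            if attr.type == onnx.AttributeProto.GRAPH:
                node["subgraphs"].append(onnx_graph_to_nodes(attr.g))
            elif attr.type == onnx.AttributeProto.GRAPHS:
                node["subgraphs"].extend(onnx_graph_to_nodes(g) for g in attr.graphs)
        nodes.append(node)
    return {"inputs": [i.name for i in graph.input],
            "outputs": [o.name for o in graph.output], "nodes": nodes}


def triage(graph):
    """Return control-flow nodes, dead nodes and op counts for a graph dict."""
    report = {"control_flow_nodes": [], "dead_nodes": [], "op_counts": {}}
    _walk(graph, report, depth=0)
    return report


def _walk(graph, report, depth):
    nodes = graph["nodes"]
    for n in nodes:
        report["op_counts"][n["op"]] = report["op_counts"].get(n["op"], 0) + 1
        if n["op"] in CONTROL_FLOW_OPS:
            report["control_flow_nodes"].append((n["name"], depth))
        for sub in n["subgraphs"]:          # nested branch bodies
            _walk(sub, report, depth + 1)
    # Backward reachability from the graph outputs: anything not reached is
    # computed but never used, which is worth a second look in any model file.
    producer = {out: n for n in nodes for out in n["outputs"]}
    live, queue = set(), deque(graph["outputs"])
    while queue:
        n = producer.get(queue.popleft())   # None for initializers / graph inputs
        if n is None or id(n) in live:
            continue
        live.add(id(n))
        queue.extend(n["inputs"])
    for n in nodes:
        if id(n) not in live:
            report["dead_nodes"].append((n["name"], depth))


# Constructed sample: a single straight-line static-embedding forward pass.
# "embeddings" is an initializer, so no node produces it.
STRAIGHT_LINE_GRAPH = {
    "inputs": ["input_ids"], "outputs": ["sentence_emb"],
    "nodes": [
        {"name": "lookup", "op": "Gather", "inputs": ["embeddings", "input_ids"],
         "outputs": ["tok_emb"], "subgraphs": []},
        {"name": "pool", "op": "ReduceMean", "inputs": ["tok_emb"],
         "outputs": ["sentence_emb"], "subgraphs": []},
    ],
}

# Constructed sample: the same pooling, but selected by an If node on the
# input, plus one node whose result nobody consumes.
BRANCHING_GRAPH = {
    "inputs": ["input_ids"], "outputs": ["sentence_emb"],
    "nodes": [
        {"name": "max_id", "op": "ReduceMax", "inputs": ["input_ids"],
         "outputs": ["max_id"], "subgraphs": []},
        {"name": "cmp", "op": "Greater", "inputs": ["max_id", "limit"],
         "outputs": ["cond"], "subgraphs": []},
        {"name": "unused_add", "op": "Add", "inputs": ["max_id", "max_id"],
         "outputs": ["unused"], "subgraphs": []},
        {"name": "select_embedding", "op": "If", "inputs": ["cond"],
         "outputs": ["sentence_emb"], "subgraphs": [
             {"inputs": [], "outputs": ["then_out"], "nodes": [
                 {"name": "fixed", "op": "Identity", "inputs": ["fixed_vector"],
                  "outputs": ["then_out"], "subgraphs": []}]},
             {"inputs": [], "outputs": ["else_out"], "nodes": [
                 {"name": "lookup", "op": "Gather", "inputs": ["embeddings", "input_ids"],
                  "outputs": ["tok_emb"], "subgraphs": []},
                 {"name": "pool", "op": "ReduceMean", "inputs": ["tok_emb"],
                  "outputs": ["else_out"], "subgraphs": []}]}]},
    ],
}


if __name__ == "__main__":
    for label, g in (("straight-line", STRAIGHT_LINE_GRAPH), ("branching", BRANCHING_GRAPH)):
        print(label, triage(g))
```

An empty `control_flow_nodes` list together with an empty `dead_nodes` list is what a static model is expected to produce; an `If` whose branch bodies differ in what they compute, as in the second sample, is the kind of structure a scanner would reasonably want a human to look at, and the op counts give a quick comparison against the exporting script.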

stephantulkens changed discussion status to closed
