security warning on model.onnx

#2
by hugging-joe - opened

Protect AI has raised a security warning about the file model.onnx containing an "architectural backdoor" susceptible to attack.
Are you aware of this, and what is your take on it?
Thanks!

See:
https://protectai.com/insights/models/minishlab/potion-base-8M/dcbec7aa2d52fc76754ac6291803feedd8c619ce/files?blob-id=975e384201f4a58a73772242f4797ab37464bdff&utm_source=huggingface

The Minish Lab org

Hi @hugging-joe, we believe this is a false positive, rather than a genuine “architectural backdoor” as described in the linked article. Our onnx conversion code is available here: https://github.com/MinishLab/model2vec/blob/main/scripts/export_to_onnx.py. As you can see, there are no actual suspicious branches/pathways in the code. I think that this flagging most likely happens because we have an unconventional forward pass due to the static nature of our models.
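Added example, not from this discussion or the model2vec project: a small Python triage script for checking such a finding yourself. It assumes the scanner's "architectural backdoor" label refers to data-dependent control flow in the graph (ONNX If/Loop/Scan nodes) and that the `onnx` package is available for the loader; both sample graphs are constructed, and the static-embedding one only approximates a model2vec-style forward pass.

```python
from collections import namedtuple

# ONNX operators that implement data-dependent control flow; a hidden branch
# that activates only on a trigger input has to be built from one of these.
CONTROL_FLOW_OPS = {"If", "Loop", "Scan"}
Node = namedtuple("Node", "name op_type inputs outputs")  # minimal graph node view


def audit_graph(nodes: list) -> dict:
    """Count op types and, for each control-flow node, trace what computes its condition."""
    nodes = list(nodes)
    op_counts: dict = {}
    for n in nodes:
        op_counts[n.op_type] = op_counts.get(n.op_type, 0) + 1
    producers = {out: n for n in nodes for out in n.outputs}
    findings = []
    for n in nodes:
        if n.op_type not in CONTROL_FLOW_OPS:
            continue
        # Walk upstream from the condition input so a reviewer can see whether
        # the branch is driven by a comparison against the model input.
        chain, cur = [], (n.inputs[0] if n.inputs else None)
        while cur in producers and len(chain) < 8:
            prod = producers[cur]
            chain.append(prod.op_type)
            cur = prod.inputs[0] if prod.inputs else None
        findings.append({"node": n.name, "op": n.op_type, "condition_chain": chain})
    return {"op_counts": op_counts, "control_flow": findings}


def load_onnx_nodes(path: str) -> list:
    """Read the node list from a real .onnx file (needs the onnx package, assumed installed)."""
    import onnx
    model = onnx.load(path)
    return [Node(n.name, n.op_type, tuple(n.input), tuple(n.output)) for n in model.graph.node]


# Constructed sample shaped like a static-embedding forward pass:
# token lookup -> mean pooling -> normalisation, with no control flow at all.
STATIC_EMBED = [
    Node("gather", "Gather", ("embeddings", "input_ids"), ("tok",)),
    Node("pool", "ReduceMean", ("tok",), ("pooled",)),
    Node("norm", "LpNormalization", ("pooled",), ("embedding",)),
]

# Constructed sample of the pattern such a scanner looks for: a comparison of
# the input against a constant gates an If node.
GATED = [
    Node("cmp", "Equal", ("input_ids", "trigger_const"), ("hit",)),
    Node("cast", "Cast", ("hit",), ("hit_i",)),
    Node("any", "ReduceMax", ("hit_i",), ("cond",)),
    Node("branch", "If", ("cond",), ("out",)),
]
```

Run `audit_graph(load_onnx_nodes("model.onnx"))` on the flagged file: an empty `control_flow` list means the graph has no conditional pathway for a trigger to activate, which is the concrete check behind the false-positive claim.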
