Joblib testing subprocess bypass PoC

This repository contains a benign security-research proof of concept: a .joblib file that passes common pickle/model scanners without findings, yet executes a subprocess when it is loaded with joblib.load().

Files:

  • malicious_joblib_testing_subprocess.joblib
  • build_poc.py
  • reproduce.py

Reproduction:

python3 reproduce.py

Expected observable:

  • picklescan reports no dangerous globals
  • modelscan reports no issues
  • joblib.load() creates /tmp/mfv_joblib_testing_subprocess_20260626.txt

This repository is for defensive security validation and triage only.
