ModelScan NPZ extensionless member scanner bypass validation artifact
This repository contains a minimal NPZ artifact for validating a ModelScan scanner coverage issue in archive member handling.
File:
extensionless_member.npz
The NPZ contains one archive member named weights. That member has no .npy
filename extension, but its bytes are a valid object-dtype NPY array. NumPy accepts
and loads it through numpy.load(..., allow_pickle=True)["weights"].
The artifact is intended for static scanner validation only. Loading untrusted NPZ object arrays with pickle enabled is unsafe; do not use this artifact outside an isolated local test environment.
Expected scanner behavior:
- ModelScan should inspect loadable NPZ members by content, not only by member filename extension.
- Current ModelScan skips the extensionless member as SCAN_NOT_SUPPORTED and reports zero issues, even though the embedded NPY object payload is parseable by its existing pickle scanner.
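
The content-based member check described in the first expectation, as an added example that is not ModelScan's code or part of this repository: it classifies each NPZ member from its NPY magic bytes and header dtype instead of its filename. The function names and the sample archive are constructed here, and the object member's payload is a placeholder, not a real pickle.

```python
import ast, io, struct, zipfile

MAGIC = b"\x93NUMPY"  # first six bytes of every NPY stream

def has_object(descr):
    """True if an NPY 'descr' (string or structured field list) has an object field."""
    if isinstance(descr, str):
        return descr.lstrip("|<>=").startswith("O")
    if isinstance(descr, list):
        return any(has_object(f[1]) for f in descr if isinstance(f, tuple) and len(f) > 1)
    return False

def classify(data):
    """Classify member bytes by content: not_npy, npy_plain, npy_object, npy_unparsed."""
    if not data.startswith(MAGIC):
        return "not_npy"
    try:
        fmt, start = {1: ("<H", 10), 2: ("<I", 12), 3: ("<I", 12)}[data[6]]
        (hlen,) = struct.unpack_from(fmt, data, 8)
        if start + hlen > len(data):
            return "npy_unparsed"
        header = ast.literal_eval(data[start:start + hlen].decode("utf-8"))
        return "npy_object" if has_object(header["descr"]) else "npy_plain"
    except (IndexError, KeyError, TypeError, ValueError, SyntaxError, struct.error,
            RecursionError, MemoryError):
        return "npy_unparsed"  # NPY magic but unreadable header: fail closed

def scan_npz(npz_bytes, limit=1 << 17):
    """Map every archive member name to its content class, ignoring extensions."""
    with zipfile.ZipFile(io.BytesIO(npz_bytes)) as zf:
        return {i.filename: classify(zf.open(i).read(limit)) for i in zf.infolist()}

def make_npy(descr, shape, payload):
    """Constructed sample: hand-built NPY v1.0 header followed by raw payload bytes."""
    header = repr({"descr": descr, "fortran_order": False, "shape": shape}).encode()
    header += b" " * (-(10 + len(header) + 1) % 64) + b"\n"
    return MAGIC + b"\x01\x00" + struct.pack("<H", len(header)) + header + payload

def sample_npz():
    """Constructed archive: extensionless object member, normal .npy, non-NPY file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("weights", make_npy("|O", (1,), b"<placeholder, not a pickle>"))
        zf.writestr("bias.npy", make_npy("<f4", (2,), struct.pack("<2f", 0.5, 1.5)))
        zf.writestr("README", b"plain text member")
    return buf.getvalue()
```

Members classified `npy_object` or `npy_unparsed` are the ones to hand to a pickle scanner or report, whatever their filenames.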