why-lambda-model-fetch

Minimal TensorFlow/Keras Lambda layer proof of concept for demonstrating why loading untrusted model artifacts can be dangerous.

What It Shows

The repository creates an HDF5 Keras model containing a Lambda layer that invokes Python code. It is a small security-research artifact for discussions of model supply chain risk and unsafe deserialization.

Safety

Run this only in an isolated, disposable environment. Do not load unknown Keras, TensorFlow, pickle, or HDF5 artifacts in production systems without treating them as a code execution risk.
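One defensive check that follows from the safety note above is to inspect a model's serialized configuration for code-bearing layers before anything deserializes it. The scanner below is an added example written for this page, not code from the repository. It assumes the JSON layout Keras writes as the `model_config` of an artifact (`class_name` / `config` objects, nested models appearing as layers with their own `layers` list, and a Lambda layer's serialized function stored under `config.function`); the sample config is constructed and its function payload is a placeholder string, not real bytecode. The `CODE_BEARING_LAYERS` set and the helper names are this example's own.

```python
"""Flag Lambda layers in a Keras model config before the artifact is loaded.

Added example for this README (not the repository's own code). Assumes the
model_config JSON layout Keras serializes; the sample below is constructed.
"""
import json

# Layer classes whose config carries Python code (a marshaled function) that
# Keras deserializes and runs. Set is this example's assumption.
CODE_BEARING_LAYERS = {"Lambda"}


def iter_layers(config, path=()):
    """Yield (path, layer_dict) for every layer, descending into nested models.

    Sequential/Functional models serialize sub-models as ordinary layers whose
    own config contains a 'layers' list, so recursion uses the same shape.
    """
    layers = config.get("config", {}).get("layers", [])
    for idx, layer in enumerate(layers):
        here = path + (f"{layer.get('class_name', '?')}[{idx}]",)
        yield here, layer
        if "layers" in layer.get("config", {}):
            yield from iter_layers(layer, here)


def scan_model_config(model_config_json):
    """Return a list of findings, one per code-bearing layer found."""
    config = json.loads(model_config_json)
    findings = []
    for path, layer in iter_layers(config):
        if layer.get("class_name") in CODE_BEARING_LAYERS:
            cfg = layer.get("config", {})
            findings.append({
                "path": "/".join(path),
                "layer_name": cfg.get("name"),
                # Keras 2 records 'lambda' (marshaled bytecode) or 'function'
                # (looked up by name); treat unknown as suspicious too.
                "function_type": cfg.get("function_type", "unknown"),
                "has_serialized_function": "function" in cfg,
            })
    return findings


def is_safe_to_load(model_config_json):
    """True only when no code-bearing layer is present in the config."""
    return not scan_model_config(model_config_json)


def read_model_config_from_h5(path):
    """Read the model_config JSON attribute from an HDF5 artifact.

    Reading attributes with h5py does not deserialize any layer, so this is
    safe to run on untrusted files. h5py is imported lazily so the scanner
    itself runs without it (assumed attribute name: 'model_config').
    """
    import h5py  # noqa: F401  (optional dependency)
    with h5py.File(path, "r") as f:
        raw = f.attrs["model_config"]
        return raw.decode("utf-8") if isinstance(raw, bytes) else str(raw)


# Constructed sample config: a Lambda layer at index 2 plus a nested model.
SAMPLE_MODEL_CONFIG = json.dumps({
    "class_name": "Sequential",
    "config": {
        "name": "sequential",
        "layers": [
            {"class_name": "InputLayer",
             "config": {"name": "input_1", "batch_input_shape": [None, 4]}},
            {"class_name": "Dense", "config": {"name": "dense", "units": 8}},
            {"class_name": "Lambda", "config": {
                "name": "lambda",
                "function_type": "lambda",
                # placeholder only; real artifacts hold base64 marshaled code
                "function": ["<PLACEHOLDER-marshaled-bytecode>", None, None],
            }},
            {"class_name": "Functional", "config": {"name": "inner", "layers": [
                {"class_name": "Dense",
                 "config": {"name": "inner_dense", "units": 2}},
            ]}},
        ],
    },
})

# Constructed config with no code-bearing layers, for comparison.
CLEAN_MODEL_CONFIG = json.dumps({
    "class_name": "Sequential",
    "config": {"name": "clean", "layers": [
        {"class_name": "Dense", "config": {"name": "dense", "units": 8}},
    ]},
})


if __name__ == "__main__":
    for finding in scan_model_config(SAMPLE_MODEL_CONFIG):
        print("code-bearing layer:", finding)
    print("safe to load:", is_safe_to_load(SAMPLE_MODEL_CONFIG))
```

Run the module directly to see the sample flagged; for a real `.h5` file, pass `read_model_config_from_h5(path)` into `scan_model_config` from a gate in the loading pipeline and refuse artifacts that return findings. Newer Keras releases add a `safe_mode` argument to `load_model` that refuses to deserialize Lambda functions; a pre-load scan like this is a complement for pipelines that still read legacy HDF5 artifacts with older versions.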

Files

File         Purpose
done.py      Builds the demonstration model.
testing.h5   Generated Keras HDF5 model artifact.
test.txt     Small test fixture.
