security warning on model.onnx

by hugging-joe - opened Jan 4, 2025

Jan 4, 2025

Protect AI has raised a security warning about the file model.onnx containing an "architectural backdoor" susceptible to attack.
Are you aware of this, and what is your take on it?
Thanks!

See:
https://protectai.com/insights/models/minishlab/potion-base-8M/dcbec7aa2d52fc76754ac6291803feedd8c619ce/files?blob-id=975e384201f4a58a73772242f4797ab37464bdff&utm_source=huggingface

Pringled

Minish org Jan 5, 2025

Hi @hugging-joe , we believe this is a false positive, rather than a genuine “architectural backdoor. as described in the linked article. Our onnx conversion code is available here: https://github.com/MinishLab/model2vec/blob/main/scripts/export_to_onnx.py. As you can see, there are no actual suspicious branches/pathways in the code. I think that this flagging most likely happens because we have an unconventional forward pass due to the static nature of our models.

stephantulkens changed discussion status to closed Jan 15, 2025

Upload images, audio, and videos by dragging in the text input, pasting, or clicking here.

Tap or paste here to upload images

· Sign up or log in to comment