Without protection, a single `pickle.load()` or `torch.load()` call can be the entry point for a supply-chain attack. This workflow solves that problem without requiring changes to your existing model ...
Python's pickle module can serialize arbitrary Python objects, but deserializing untrusted pickle data is equivalent to running arbitrary code. This workflow uses Fickling (by Trail of Bits) to safely ...
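As an added example, not from this page and not Fickling's own code, here is the kind of pre-load check such a workflow relies on, written with only the standard library: `scan_pickle` reports every import- or call-capable opcode without executing the stream, and `AllowlistUnpickler` refuses any global that is not explicitly permitted. The names `scan_pickle`, `is_pure_data`, `AllowlistUnpickler` and `safe_load` are hypothetical, and the three sample pickles are constructed inline.

```python
from __future__ import annotations
import io
import pickle
import pickletools
from collections import OrderedDict

# Opcodes that let a pickle stream import a name or call something while it
# loads. A pure-data pickle (dicts, lists, strings, numbers) never needs them.
CODE_OPCODES = frozenset({
    "GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX",
    "REDUCE", "BUILD", "EXT1", "EXT2", "EXT4",
})

def scan_pickle(data: bytes) -> list[str]:
    """Report code-capable opcodes as 'NAME@offset' without executing the pickle."""
    return [f"{op.name}@{pos}"
            for op, _arg, pos in pickletools.genops(io.BytesIO(data))
            if op.name in CODE_OPCODES]

def is_pure_data(data: bytes) -> bool:
    """True when the stream contains no import/call opcodes at all."""
    return not scan_pickle(data)

class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that resolves only globals present in an explicit allowlist."""

    def __init__(self, stream, allowed: frozenset[tuple[str, str]]):
        super().__init__(stream)
        self.allowed = allowed

    def find_class(self, module: str, name: str):
        # Every GLOBAL/STACK_GLOBAL resolution passes through here, so anything
        # not on the list is refused before REDUCE/BUILD could ever call it.
        if (module, name) not in self.allowed:
            raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")
        return super().find_class(module, name)

def safe_load(data: bytes, allowed: frozenset = frozenset()):
    """Load a pickle only if every global it references is allowlisted."""
    return AllowlistUnpickler(io.BytesIO(data), allowed).load()

# Constructed sample streams (protocol pinned so the opcode names are stable).
PLAIN_CHECKPOINT = pickle.dumps({"weights": [0.1, 0.2], "epoch": 3}, protocol=4)
WITH_ALLOWED_GLOBAL = pickle.dumps(OrderedDict(lr=0.01), protocol=4)
WITH_UNEXPECTED_GLOBAL = pickle.dumps(len, protocol=4)  # harmless, but still an import
```

The opcode list is deliberately broad: a stream that needs any of them should only ever be loaded through an allowlist, never through a bare `pickle.load()`.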