lab700xdev | 2 months ago

You are right that the inference ecosystem (llama.cpp, vLLM) has moved aggressively to GGUF and Safetensors. If you are just consuming optimized models, you are safer. However, I see two reasons why the risk persists: 1) The Supply Chain Tail: The training ecosystem is still heavily PyTorch native. Researchers publishing code, LoRA adapters, and intermediate checkpoints are often still .pt. 2) Safetensors Metadata: Even if the binary is safe, the JSON header in a .safetensors file often carries the License field. AIsbom scans that too. Detecting a "Non-Commercial" (CC-BY-NC) license in a production artifact is a different kind of "bomb" - a legal one - but just as dangerous for a startup.
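Added example (my own illustration, not AIsbom's code): a minimal safetensors header reader that pulls the license field out of `__metadata__` and flags non-commercial terms, bounds-checking the declared header length before parsing anything. The non-commercial marker list, the `build_safetensors` sample-file builder and the `scan` helper are assumptions for the demo.

```python
import json
import struct
from typing import Dict, Optional

# Markers of non-commercial terms in SPDX-style ids such as "CC-BY-NC-4.0" (assumed list).
NON_COMMERCIAL_MARKERS = ("-NC", "NONCOMMERCIAL", "NON-COMMERCIAL")
MAX_HEADER_BYTES = 100 * 1024 * 1024  # refuse absurd declared header sizes

def read_safetensors_header(blob: bytes) -> Dict:
    """Parse the JSON header: 8-byte LE u64 length, then that many JSON bytes.
    Tensor bytes after the header are never read, so the license check stays
    in plain JSON and never deserializes model data."""
    if len(blob) < 8:
        raise ValueError("file too short for a safetensors length prefix")
    (n,) = struct.unpack("<Q", blob[:8])
    if n > MAX_HEADER_BYTES or 8 + n > len(blob):
        raise ValueError(f"declared header length {n} exceeds file or cap")
    header = json.loads(blob[8:8 + n].decode("utf-8"))
    if not isinstance(header, dict):
        raise ValueError("safetensors header must be a JSON object")
    return header

def license_of(header: Dict) -> Optional[str]:
    """Return __metadata__['license'] (metadata is a str->str map), if present."""
    meta = header.get("__metadata__") or {}
    value = meta.get("license") if isinstance(meta, dict) else None
    return value if isinstance(value, str) else None

def is_non_commercial(license_id: Optional[str]) -> bool:
    """True when the license id carries a non-commercial marker."""
    return bool(license_id) and any(m in license_id.upper() for m in NON_COMMERCIAL_MARKERS)

def build_safetensors(metadata: Dict[str, str]) -> bytes:
    """Constructed sample file: one tiny F32 tensor plus the given metadata."""
    data = struct.pack("<4f", 0.0, 1.0, 2.0, 3.0)
    header = {"__metadata__": metadata,
              "w": {"dtype": "F32", "shape": [4], "data_offsets": [0, len(data)]}}
    hjson = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hjson)) + hjson + data

def scan(blob: bytes) -> Dict[str, object]:
    """Report the license found in a safetensors blob and flag NC terms."""
    lic = license_of(read_safetensors_header(blob))
    return {"license": lic, "non_commercial": is_non_commercial(lic)}
```

A real scanner would read only the first 8 + n bytes from disk rather than the whole file, and would treat a missing license field as a finding in its own right.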

altomek | 2 months ago

This is a great tool! Would it be possible to add GGUF to your tool? It may be a slightly tricky format to parse, but the GGUF format has already seen a few attack vectors and I consider it untrustworthy. Being able to scan GGUF files would be great!

lab700xdev | 2 months ago

@altomek - Thanks for the suggestion! Just shipped v0.3.0 which includes a native GGUF header parser. It now extracts metadata and checks for license risks in .gguf files.

solarengineer | 2 months ago

Could those who have downvoted this comment please explain your reasoning? Is the rationale in the comment not valid?