Scan .pt, .ckpt and .bin files for potentially malicious code.

Example output (with numpy considered "non-standard"):

- Export pickle_inspector.py and pickle_scan.py to your Stable Diffusion WebUI base directory
- Open bash / CMD
- Run command `python pickle_scan.py models > scan_output.txt`
- Open scan_output.txt
If you get an error about torch not being installed, start your webui, copy the venv python path it prints, and replace `python` in the command with that path.
It might look something like this:

    venv "F:\Projects\stable-diffusion-webui\venv\Scripts\Python.exe"

The final command would then look like:

    "F:\Projects\stable-diffusion-webui\venv\Scripts\Python.exe" pickle_scan.py models > scan_output.txt
Usage:

    python pickle_scan.py [directory] [debugmode]

Example:

    python pickle_scan.py models

Add `1` after the directory to see which calls / signals triggered the scan failure:

    python pickle_scan.py models 1 > scan_output.txt

By default this will scan all subdirectories for files ending with .pt, .ckpt and .bin.
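As an added illustration (not code from pickle_scan.py, pickle_inspector.py or the WebUI), here is a minimal scanner in the same spirit: it walks a checkpoint's pickle opcodes with pickletools without ever unpickling, lists every global the stream references and every opcode that would call something on load (the kind of detail the debug mode above reports), and fails the file when a global comes from a module outside an allow-list, which is how numpy ends up "non-standard". The allow-list, the function names and the sample streams are assumptions made for this example.

```python
import io
import pickle
import pickletools
from collections import OrderedDict
from typing import Dict, List

# Top-level modules accepted as normal in a PyTorch checkpoint (an assumption made
# for this example; pickle_scan.py keeps its own list). Anything else is flagged,
# which is why numpy is reported as "non-standard".
STANDARD_MODULES = {"torch", "collections", "builtins", "_codecs"}
CALL_OPS = {"REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}


def inspect_pickle(data: bytes) -> Dict[str, List[str]]:
    """Walk the opcode stream with pickletools.genops (never unpickling) and record
    every global reference and every opcode that would invoke a callable on load."""
    found: Dict[str, List[str]] = {"globals": [], "calls": []}
    recent: List[str] = []  # strings pushed just before STACK_GLOBAL (protocol 4+)
    for op, arg, pos in pickletools.genops(io.BytesIO(data)):
        if op.name in ("GLOBAL", "INST"):      # arg is "module name"
            found["globals"].append(".".join(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL" and len(recent) >= 2:
            found["globals"].append(f"{recent[-2]}.{recent[-1]}")
        elif op.name in STRING_OPS:
            recent.append(str(arg))
        if op.name in CALL_OPS:                # what debug mode 1 would show
            found["calls"].append(f"{op.name}@{pos}")
    return found


def scan(data: bytes) -> Dict[str, object]:
    """Fail when any global comes from a module outside STANDARD_MODULES."""
    info = inspect_pickle(data)
    bad = [g for g in info["globals"] if g.split(".")[0] not in STANDARD_MODULES]
    return {"passed": not bad, "non_standard": bad, "calls": info["calls"]}


# Constructed samples (not real checkpoints): plain data, an OrderedDict such as a
# state_dict uses (collections is standard), and a hand-built protocol-2 stream
# that references numpy via GLOBAL and invokes it with REDUCE, so scan() fails it.
CLEAN = pickle.dumps({"weights": [0.1, 0.2]}, protocol=4)
STATE_DICT = pickle.dumps(OrderedDict(a=1), protocol=4)
NUMPY_REF = b"\x80\x02cnumpy.core.multiarray\n_reconstruct\n)R."

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN), ("state_dict", STATE_DICT), ("numpy", NUMPY_REF)):
        print(label, scan(blob))
```

Real .ckpt files are usually zip archives whose pickle payload lives in a member such as archive/data.pkl; feed that member's bytes to scan() rather than the zip itself.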