Scan Python pickle files for malicious code
Supports PyTorch checkpoints (ZIP archives containing a data.pkl) and raw pickle files • 100% client-side processing: files are parsed in the browser and never uploaded
Why Scan Pickle Files?
Python pickle files can execute arbitrary code when loaded: the format is a small stack machine whose GLOBAL/STACK_GLOBAL opcodes import any callable and whose REDUCE opcode calls it, so unpickling an untrusted file is equivalent to running its author's code. ML models from untrusted sources (HuggingFace, GitHub, etc.) may contain malicious payloads that steal data, install backdoors, or compromise your system.
PickleScan disassembles the pickle bytecode without executing it, flagging the opcodes that import or invoke callables (GLOBAL, STACK_GLOBAL, REDUCE, BUILD, INST, OBJ, NEWOBJ) and known dangerous imports (os.system, subprocess, eval, etc.). A static scan is a denylist, not a proof of safety: a payload can hide behind a less obvious callable or a nested pickle, so treat a clean report as one signal among several and prefer a format that carries no code (such as safetensors) when you have the choice.
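The scanner below is an added example of the technique described above, written for this page and not PickleScan's own code. It disassembles a pickle stream with the standard library's `pickletools.genops` (which parses opcodes but never unpickles), resolves imports from GLOBAL, INST and protocol-4 STACK_GLOBAL, attributes each REDUCE/BUILD/OBJ/NEWOBJ call to the most recent import, and unpacks a PyTorch-style ZIP checkpoint to scan every `.pkl` member. The denylists, the severity scheme and the sample pickles (hand-assembled byte strings, never loaded) are constructed for the example; `make_fake_checkpoint` is a stand-in for a real `torch.save` archive and only reproduces the `archive/data.pkl` member layout.

```python
"""Static pickle scanner: walks opcodes with pickletools.genops, never unpickles."""
import io
import pickletools
import zipfile
from dataclasses import dataclass

# Constructed denylist for this example; a production list would be much longer.
DANGEROUS_CALLABLES = {
    ("os", "system"), ("os", "popen"), ("os", "execv"), ("os", "execvp"), ("posix", "system"),
    ("subprocess", "Popen"), ("subprocess", "call"), ("subprocess", "run"),
    ("subprocess", "check_output"), ("subprocess", "check_call"),
    ("builtins", "eval"), ("builtins", "exec"), ("builtins", "compile"),
    ("builtins", "__import__"), ("builtins", "getattr"),
    ("__builtin__", "eval"), ("__builtin__", "exec"), ("__builtin__", "getattr"),
    ("runpy", "run_path"), ("runpy", "run_module"), ("importlib", "import_module"),
    ("pickle", "loads"), ("_pickle", "loads"), ("marshal", "loads"),
    ("socket", "socket"), ("shutil", "rmtree"), ("webbrowser", "open"),
}
# Any import from these modules is suspicious even if the attribute is not listed above.
DANGEROUS_MODULES = {"os", "posix", "nt", "subprocess", "builtins", "__builtin__",
                     "sys", "socket", "ctypes", "runpy", "importlib", "code", "pty"}
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
CALL_OPS = {"REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


@dataclass
class Finding:
    severity: str     # critical / high / medium / low
    opcode: str
    imported: str     # "module.name", or "" when the opcode is not an import
    description: str
    offset: int       # byte offset of the opcode in the pickle stream


def classify_global(module: str, name: str) -> str:
    if (module, name) in DANGEROUS_CALLABLES:
        return "critical"
    if module in DANGEROUS_MODULES:
        return "high"
    return "low"


def scan_pickle(data: bytes) -> list[Finding]:
    """Disassemble one pickle stream and report every import and call opcode."""
    findings: list[Finding] = []
    strings: list[str] = []   # recent string constants; STACK_GLOBAL consumes the last two
    last_global, last_sev = "", "low"
    try:
        ops = list(pickletools.genops(data))
    except Exception as exc:  # truncated or corrupt stream: report it, do not crash
        return [Finding("medium", "?", "", f"unparseable pickle: {exc}", 0)]

    for op, arg, pos in ops:
        if op.name in STRING_OPS:
            strings.append(str(arg))
            continue
        module = name = None
        if op.name in ("GLOBAL", "INST"):
            module, _, name = arg.partition(" ")   # genops joins the two lines with a space
        elif op.name == "STACK_GLOBAL":
            if len(strings) < 2:                   # operands not literal: likely obfuscation
                findings.append(Finding("high", op.name, "",
                                        "STACK_GLOBAL with non-constant operands", pos))
                continue
            module, name = strings[-2], strings[-1]
        if module is not None:
            last_global, last_sev = f"{module}.{name}", classify_global(module, name)
            findings.append(Finding(last_sev, op.name, last_global, f"imports {last_global}", pos))
        if op.name in CALL_OPS:
            sev = "high" if last_sev in ("critical", "high") else "medium"
            findings.append(Finding(sev, op.name, last_global,
                                    f"{op.name} invokes {last_global or 'unknown callable'}", pos))
    return findings


def scan_file(data: bytes) -> list[Finding]:
    """Raw pickle, or a PyTorch checkpoint (ZIP whose *.pkl members hold the pickles)."""
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return scan_pickle(data)
    findings: list[Finding] = []
    with zipfile.ZipFile(buf) as zf:
        for info in zf.infolist():
            if info.filename.endswith(".pkl"):
                for f in scan_pickle(zf.read(info)):
                    f.description = f"{info.filename}: {f.description}"
                    findings.append(f)
    return findings


def make_fake_checkpoint(pickle_bytes: bytes) -> bytes:
    """Constructed stand-in for a torch.save ZIP; only the archive/data.pkl member matters here."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle_bytes)
        zf.writestr("archive/version", "3\n")
    return buf.getvalue()


# Constructed samples (hand-assembled opcodes; the scanner never executes them).
# Protocol 2: GLOBAL "os system", BINUNICODE "id", TUPLE1, REDUCE -> os.system("id") on load.
MALICIOUS_P2 = b"\x80\x02cos\nsystem\nq\x00X\x02\x00\x00\x00idq\x01\x85q\x02Rq\x03."
# Protocol 4: the module and name arrive as string constants, then STACK_GLOBAL resolves them.
MALICIOUS_P4 = b"\x80\x04\x8c\x02os\x8c\x06system\x93\x8c\x02id\x85R."
# Benign: {"w": [1.0, 2.0]} with no imports and no calls at all.
BENIGN = (b"\x80\x02}q\x00X\x01\x00\x00\x00wq\x01]q\x02(G?\xf0\x00\x00\x00\x00\x00\x00"
          b"G@\x00\x00\x00\x00\x00\x00\x00es.")

if __name__ == "__main__":
    for label, blob in [("malicious.pkl", MALICIOUS_P2),
                        ("model.pt", make_fake_checkpoint(MALICIOUS_P4)), ("clean.pkl", BENIGN)]:
        print(f"== {label}")
        for f in scan_file(blob):
            print(f"{f.severity:<9}{f.opcode:<13}{f.imported:<14}{f.description}  @{f.offset}")
```

The call-attribution rule (a REDUCE inherits the severity of the most recent import) is what turns "os.system was imported" into "os.system is invoked with a constant argument", which is the finding a reviewer actually acts on; it is also where this simplified tracker can be fooled, for example by a callable fetched via `builtins.getattr` rather than imported directly, which is why that callable sits on the critical list.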
Scan Report
Security Findings
| Severity | Opcode | Import | Description | Offset |
|---|---|---|---|---|