Hugging Face Hub integrates JFrog scanner to improve AI security for model weights
AI Impact Summary
Hugging Face Hub is incorporating JFrog's Software Supply Chain scanner to enhance security by moving from pattern-based checks to deeper analysis of model weights for potentially malicious usage. JFrog will parse serialized weights to detect potential arbitrary code execution risks in formats like pickle, addressing a known serialization vulnerability vector. Public repositories will be scanned automatically on push, with coverage ramping up across millions of repos and hundreds of millions of files, improving threat visibility for the model-sharing community. The integration builds on existing tooling (picklescan) and references ongoing improvements via JFrog's Model Threats page.
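The "parse serialized weights instead of loading them" approach the summary describes can be shown with a small opcode-level scanner. The example below is added here for illustration and is not Hugging Face's, JFrog's or picklescan's code; the allow-list of checkpoint globals and the deny-list of code-execution entry points are assumptions, and the sample pickles are constructed in the block. The stream is only disassembled with `pickletools`, never unpickled, so the check itself cannot trigger the deserialization behaviour it is looking for.

```python
"""Static scan of a pickle stream for code-execution-capable global references.

Added example (not from the original page). Mirrors the opcode-level idea behind
picklescan-style tools: the bytes are disassembled with pickletools, never loaded.
"""
import collections
import pickle
import pickletools
from typing import Dict, List, Tuple

# Assumption: a minimal allow-list of globals a weights-only checkpoint needs.
# A real scanner for a given framework would carry a much longer, curated list.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch", "FloatStorage"),
    ("torch._utils", "_rebuild_tensor_v2"),
    ("numpy.core.multiarray", "_reconstruct"),
}

# Assumption: globals that can run arbitrary code once a REDUCE opcode calls them.
DANGEROUS_GLOBALS = {
    ("builtins", "eval"), ("builtins", "exec"), ("builtins", "compile"),
    ("builtins", "__import__"), ("builtins", "getattr"),
    ("os", "system"), ("os", "popen"),
    ("subprocess", "Popen"), ("subprocess", "run"), ("subprocess", "check_output"),
}

STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}


def extract_globals(data: bytes) -> List[Tuple[str, str]]:
    """Return every (module, name) the stream imports, without executing it.

    GLOBAL carries "module name" as one text argument; STACK_GLOBAL (protocol 4+)
    takes module and name from the two string objects pushed just before it.
    Raises ValueError on a truncated or malformed stream.
    """
    found: List[Tuple[str, str]] = []
    recent_strings: List[str] = []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            if len(recent_strings) < 2:
                raise ValueError("malformed STACK_GLOBAL: missing operands")
            found.append((recent_strings[-2], recent_strings[-1]))
        if opcode.name in STRING_OPS:
            recent_strings = (recent_strings + [arg])[-2:]
    return found


def scan_pickle(data: bytes) -> Dict[str, List[str]]:
    """Classify each imported global as safe, dangerous or unknown."""
    report: Dict[str, List[str]] = {"safe": [], "dangerous": [], "unknown": []}
    for module, name in extract_globals(data):
        ref = f"{module}.{name}"
        if (module, name) in DANGEROUS_GLOBALS:
            report["dangerous"].append(ref)
        elif (module, name) in SAFE_GLOBALS:
            report["safe"].append(ref)
        else:
            report["unknown"].append(ref)
    return report


def verdict(data: bytes) -> str:
    """Collapse a report into one label; unknown globals are flagged, not ignored."""
    try:
        report = scan_pickle(data)
    except ValueError:
        return "malformed"
    if report["dangerous"]:
        return "malicious"
    if report["unknown"]:
        return "suspicious"
    return "clean"


# Constructed samples: a plain weights dict, a checkpoint-like OrderedDict, and a
# stream that merely references builtins.eval (loading it would return the function
# object without calling it, so the fixture itself executes nothing).
CLEAN_PICKLE = pickle.dumps({"layer.weight": [0.1, -0.2, 0.3], "step": 1000})
CHECKPOINT_PICKLE = pickle.dumps(collections.OrderedDict([("w", [1.0, 2.0])]), protocol=2)
EVAL_REF_PICKLE = pickle.dumps(eval, protocol=4)

if __name__ == "__main__":
    for label, blob in [("clean", CLEAN_PICKLE), ("checkpoint", CHECKPOINT_PICKLE),
                        ("eval-ref", EVAL_REF_PICKLE)]:
        print(label, verdict(blob), scan_pickle(blob))
```

The scanner treats anything outside the allow-list as "suspicious" rather than silently passing it, which is the posture a hub-side scanner needs: a checkpoint that pulls in an unexpected module deserves a look even when that module is not on a known-bad list. Note that the string-tracking for STACK_GLOBAL only covers the operand layout the standard pickler emits; hand-built streams that fetch operands from the memo would need the scanner to model the memo as well.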
Affected Systems
- Date: not specified
- Change type: capability
- Severity: info