Scan .pt, .ckpt and .bin files for potentially malicious code.
pickle_inspector.py and pickle_scan.py to your Stable Diffusion base directorypython pickle_scan.py models > scan_output.txtscan_output.txtIf you get an error about torch not being installed, start your webui and copy the venv python path and replace python with that path.
It might look something like this:
venv "F:\Projects\stable-diffusion-webui\venv\Scripts\Python.exe"Final command would look like:
"F:\Projects\stable-diffusion-webui\venv\Scripts\Python.exe" pickle_scan.py models > scan_output.txt
python pickle_scan.py [directory] [debugmode]Example
python pickle_scan.py modelsAdd 1 after directory to see which calls / signals triggered the scan failure.
python pickle_scan.py models 1 > scan_output.txtpickle_inspector.py, pickle_scan.py and _start-pickle-scan.cmd to any directory_start-pickle-scan.cmd with notepad (or any text editor)SET VENV_PATH=. When you start the UI this should be displayed in the first line of the console window. Example venv "E:\stable-diffusion-webui\venv\Scripts\Python.exe"SET SD_FOLDER=. Example E:\stable-diffusion-webui\modelsSET DOWNLOAD_FOLDER. In case you want to scan a checkpoint before moving it into the proper model folder, otherwise leave as is_start-pickle-scan.cmd and wait for the scan to complete
The last few lines show how many suspicious files were found
"Number of failed scans (potentially malicious files):"---------- SCAN_OUTPUT.TXT: 0
Example output (with `numpy` considered "non-standard"):
## Notes
By default this will scan all subdirectories for files ending with `.pt`, `.ckpt` and `.bin`
## License
https://creativecommons.org/licenses/by-nc-sa/4.0/