feat: add GGUF loader for static security analysis #196
Open
GangGreenTemperTatum wants to merge 2 commits into main from
Analyzes GGUF files for malicious chat templates (Poisoned GGUF Templates attack vector). Uses two-layer detection: regex scanning for known SSTI patterns and obfuscation, plus Jinja2 AST walking for structural analysis of dangerous attribute access, calls, and filters. Also extracts model metadata and tensor information.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

- Replace single-layer regex scan with two-layer detection: regex for raw text patterns + Jinja2 AST walking for structural analysis of dangerous attribute access, calls, and filters
- Add view_extra() with GGUF-specific rendering of file structure, model metadata, template findings (with severity), and tensor summary
- Wire view_extra() into cli.py summary command
- Fix mypy type annotations throughout

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Summary

- `gguf` loader that performs static security analysis of GGUF model files without executing them (no GPU required)

Files

| File | Purpose |
|---|---|
| `dyana/loaders/gguf/main.py` | Core analysis: file validation, GGUF parsing, metadata extraction, template security analysis, tensor inspection |
| `dyana/loaders/gguf/gguf_test.py` | 28 tests covering settings validation, regex detection, AST analysis, sandbox failure handling |
| `dyana/loaders/gguf/settings.yml` | Loader config: `--gguf` arg (volume), `gpu: false` |
| `dyana/loaders/gguf/Dockerfile` | python:3.12-slim + gguf + jinja2 |
| `dyana/loaders/gguf/requirements.txt` | gguf==0.17.1, jinja2==3.1.6 |
| `README.md` | Added GGUF to file types list |

Test plan

- `poetry run ruff check dyana` — lint clean
- `poetry run pytest dyana -v` — 189 tests pass (161 existing + 28 new)
- `dyana loaders` — GGUF shows in list (needs Docker)
- `dyana trace --loader gguf --gguf <file>` — e2e with real GGUF file (needs Docker)

🤖 Generated with Claude Code

Generated Summary:

Dyana now includes support for GGUF model files, expanding its functionality for analyzing security issues in chat templates.

- `.gitignore` for the GGUF loader directory to exclude unnecessary files.
- `gguf_test.py` for testing GGUF loader functionalities and security analysis.
- `main.py` for the GGUF loader, integrating functions to analyze chat templates and validate GGUF file structures.
- `requirements.txt` for the GGUF loader, specifying dependencies for GGUF processing.
- `settings.yml` for configuration and usage examples of the GGUF loader.

This update enhances the robustness of Dyana by allowing it to work with GGUF files, which is crucial for users dealing with machine learning models and ensuring template security.

This summary was generated with ❤️ by rigging
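
The two-layer check the description outlines (regex over the raw template text, then a Jinja2 AST walk that only parses and never renders), as an added example that is not code from this PR. The deny-lists, the `scan_template` name and the sample templates are assumptions constructed for illustration.

```python
import re
from jinja2 import Environment, nodes

# Assumed deny-lists for illustration; the PR's actual pattern sets are not shown on the page.
DANGEROUS_ATTRS = {"__class__", "__mro__", "__subclasses__", "__globals__",
                   "__builtins__", "__init__", "__base__", "__import__"}
DANGEROUS_CALLS = {"eval", "exec", "open", "popen", "system", "__import__"}
DANGEROUS_FILTERS = {"attr"}  # |attr("name") reaches an attribute by string
RAW_PATTERNS = [
    ("dunder", re.compile(r"__\w+?__")),
    ("escape-obfuscation", re.compile(r"\\x[0-9a-fA-F]{2}|\\u[0-9a-fA-F]{4}")),
]

def scan_template(source: str) -> list[tuple[str, str, str]]:
    """Return (layer, kind, detail) findings for one chat template string."""
    findings = [("regex", kind, m.group(0))
                for kind, rx in RAW_PATTERNS for m in rx.finditer(source)]
    try:
        tree = Environment().parse(source)  # parse only; the template is never rendered
    except Exception as exc:  # a template that does not parse is itself worth reporting
        return findings + [("ast", "parse-error", type(exc).__name__)]
    for node in tree.find_all((nodes.Getattr, nodes.Getitem, nodes.Call, nodes.Filter)):
        if isinstance(node, nodes.Getattr):
            if node.attr in DANGEROUS_ATTRS:
                findings.append(("ast", "attr", node.attr))
        elif isinstance(node, nodes.Getitem):
            if isinstance(node.arg, nodes.Const) and node.arg.value in DANGEROUS_ATTRS:
                findings.append(("ast", "item", node.arg.value))
        elif isinstance(node, nodes.Call):
            name = getattr(node.node, "name", None) or getattr(node.node, "attr", None)
            if name in DANGEROUS_CALLS:
                findings.append(("ast", "call", name))
        elif node.name in DANGEROUS_FILTERS:  # remaining case: nodes.Filter
            arg = node.args[0] if node.args else None
            detail = arg.value if isinstance(arg, nodes.Const) else "<dynamic>"
            findings.append(("ast", "filter", f"{node.name}({detail})"))
    return findings

# Constructed sample templates (not taken from any real GGUF file).
BENIGN = "{% for m in messages %}{{ m['role'] }}: {{ m['content'] | trim }}{% endfor %}"
DIRECT = "{{ messages.__class__.__mro__ }}"
OBFUSCATED = r"{{ messages|attr('\x5f\x5fclass\x5f\x5f') }}"

if __name__ == "__main__":
    for label, tpl in [("benign", BENIGN), ("direct", DIRECT), ("obfuscated", OBFUSCATED)]:
        print(label, scan_template(tpl))
```

The obfuscated sample contains no literal double underscores, so the dunder regex stays silent; the AST layer still reports `attr(__class__)` because Jinja2's lexer decodes the `\x5f` escapes when it parses the string literal.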