A security verification tool for AI model scripts - Detects and verifies changes in Python files of AI models

Project description

🛡️ Model Sentinel

A security verification tool for model scripts - Detects and verifies changes in Python files of AI models.

Features

  • Hugging Face Hub Model Verification: Detect changes in Python files of remote models
  • Local Model Verification: Detect changes in model files in local directories
  • Hash-based Verification: Verify file integrity using hashes
  • Interactive Approval: Review and approve content of changed files
  • GUI Support: Intuitive web-based GUI interface

Installation

Basic Version (CLI only)

pip install model-sentinel

GUI Version

pip install "model-sentinel[gui]"

Usage

CLI Usage

# Show help and usage instructions
model-sentinel

# Verify Hugging Face model
model-sentinel --hf ryomo/malicious-code-test

# Verify local model
model-sentinel --local ./my-model-directory

# List all verified models
model-sentinel --list-verified

# Delete all verification data
model-sentinel --delete

GUI Usage

Note: GUI commands require the GUI version to be installed.

model-sentinel --gui --hf ryomo/malicious-code-test
model-sentinel --gui --local ./my-model-directory

Python Script Usage

from model_sentinel import verify_hf_model, verify_local_model

# Verify Hugging Face model
result = verify_hf_model("ryomo/malicious-code-test")  # Returns True if verified, False otherwise

# Verify local model
result = verify_local_model("./my-model-directory")  # Returns True if verified, False otherwise

# Verify with GUI mode
result = verify_hf_model("ryomo/malicious-code-test", gui=True)  # GUI window will open

Verification Process

  1. Hash Comparison: Compute a hash of the whole model directory and compare it with the hash recorded at the previous verification
  2. File Verification: If the model hash has changed, check the individual Python files to find which ones differ
  3. Content Display: Show the content of each changed file (pager in the CLI, web interface in the GUI)
  4. User Approval: Mark the model as verified only if the user confirms the displayed content is trustworthy
  5. Directory Update: Save the approved file content and metadata to the .model-sentinel/ directory structure

Verification Data Directory

Verification data is stored in a structured .model-sentinel/ directory:

.model-sentinel/
├── registry.json           # Global registry of verified models
├── local/                  # Local models
│   └── {model_name}_{hash}/
│       ├── metadata.json   # Model metadata and file info
│       └── files/          # Individual file content
└── hf/                     # Hugging Face models
    └── {org}/{model}@{revision}/
        ├── metadata.json
        └── files/

Example metadata.json:

{
  "model_hash": "abc123...",
  "last_verified": "2025-07-28T10:30:00Z",
  "files": {
    "modeling.py": {
      "hash": "def456...",
      "size": 1024,
      "verified_at": "2025-07-28T10:30:00Z"
    }
  }
}

Development

For development and contributing to this project:

# Clone and setup
git clone https://github.com/ryomo/model-sentinel.git
cd model-sentinel

# Install dependencies
uv sync

# Run from source (for testing)
uv run model-sentinel  # Show help
uv run model-sentinel --hf ryomo/malicious-code-test
uv run model-sentinel --local ./my-model-directory
uv run model-sentinel --gui --hf ryomo/malicious-code-test

Testing

This project uses Python's built-in unittest for testing.

Running Tests

Run all tests:

uv run python -m unittest discover tests -v

Run specific test module:

uv run python -m unittest tests.test_verify.test_verify -v
uv run python -m unittest tests.test_target.test_base -v
uv run python -m unittest tests.test_cli -v

Test Coverage

Generate coverage reports:

# Run tests with coverage
uv run python -m coverage run -m unittest discover tests

# Generate coverage report
uv run python -m coverage report --include="src/*"

# Generate HTML coverage report
uv run python -m coverage html --include="src/*"
# Open htmlcov/index.html in browser

Technical Specifications

  • Python: 3.12+
  • Package Manager: uv
  • GUI Framework: Gradio 5.x
  • Hash Algorithm: SHA-256
  • Supported Files: Python files (.py)

License

This project is licensed under the MIT License.

Contributing

Pull requests and issue reports are welcome.


Download files


Source Distribution

model_sentinel-0.2.0.tar.gz (16.7 kB, Source)

Built Distribution


model_sentinel-0.2.0-py3-none-any.whl (24.0 kB, Python 3)

File details

Details for the file model_sentinel-0.2.0.tar.gz.

File metadata

  • Download URL: model_sentinel-0.2.0.tar.gz
  • Size: 16.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for model_sentinel-0.2.0.tar.gz:

  • SHA256: 5f6f60c4297553027aa38425b71818c78deeba10f2140145dc5b07521f7ae3f0
  • MD5: dc86fea6462d96945296f29851312fdb
  • BLAKE2b-256: aaf8a7e11dd51540c57eba4e02ac02db553b2104fc42055f385fb32ede0646c5


Provenance

The following attestation bundles were made for model_sentinel-0.2.0.tar.gz:

Publisher: release.yml on ryomo/model-sentinel


File details

Details for the file model_sentinel-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: model_sentinel-0.2.0-py3-none-any.whl
  • Size: 24.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for model_sentinel-0.2.0-py3-none-any.whl:

  • SHA256: 3581359a9183e8e61879a4f1f2295d9afcee18e9012cf9edd2604ce735be009f
  • MD5: 5afb565dbd23c1f99ba59e665a5e9018
  • BLAKE2b-256: 4742108d899a8927871b778e628c2bf285db3733df3ee8a42991419dc39d1b7a


Provenance

The following attestation bundles were made for model_sentinel-0.2.0-py3-none-any.whl:

Publisher: release.yml on ryomo/model-sentinel

