{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreicsjgvfxq3dx7ip7zegh7llpk3j5iborupmmh46lwar2czoxsd6wi",
"uri": "at://did:plc:pgryn3ephfd2xgft23qokfzt/app.bsky.feed.post/3mnxj5ustafq2"
},
"path": "/t/how-to-ensure-safe-usage/176678#post_3",
"publishedAt": "2026-06-10T18:09:27.000Z",
"site": "https://discuss.huggingface.co",
"textContent": "So the question is really about models containing malware (i.e., data is not a concern).\n\nThe setup is that people ssh onto the machine. They write Python code in their repos. Some of them install the `huggingface_hub` package and download arbitrary models. I read in different news articles that there are many models that contain harmful code that is shipped easily via the pickled model file and is executed as soon as you load the model. I wanted to guard against such a case.\n\nNow you also talked about the safetensors format and white-/blacklisting of accounts. But **I wonder how this could be done on a technical level**. I could imagine writing some kind of config file for Hugging Face which I could put into any user's home directory upon creation, or setting some environment variables. So I don’t need to guard against malicious intent of my users, I just want to make sure that they don’t do something stupid accidentally.",
"title": "How to ensure safe usage?"
}