Scan `.pt`, `.ckpt` and `.bin` files for potentially malicious code.
- Export `pickle_inspector.py` and `pickle_scan.py` to your Stable Diffusion base directory
- Open bash / CMD
- Run command `python pickle_scan.py models > scan_output.txt`
- Open `scan_output.txt`
If you get an error about torch not being installed, start your webui, copy the venv Python path from the console and replace `python` with that path. It might look something like this:

`venv "F:\Projects\stable-diffusion-webui\venv\Scripts\Python.exe"`

The final command would then look like:

`"F:\Projects\stable-diffusion-webui\venv\Scripts\Python.exe" pickle_scan.py models > scan_output.txt`
Usage: `python pickle_scan.py [directory] [debugmode]`

Example: `python pickle_scan.py models`

Add `1` after the directory to see which calls / signals triggered the scan failure:

`python pickle_scan.py models 1 > scan_output.txt`
Alternatively, on Windows, use the batch script:

- Download the three files `pickle_inspector.py`, `pickle_scan.py` and `_start-pickle-scan.cmd` to any directory
- Open `_start-pickle-scan.cmd` with Notepad (or any text editor)
- Copy your venv path between the quotation marks in the line starting with `SET VENV_PATH=`. When you start the UI this should be displayed in the first line of the console window. Example: `venv "E:\stable-diffusion-webui\venv\Scripts\Python.exe"`
- Copy the path to your model folder between the quotation marks in the line starting with `SET SD_FOLDER=`. Example: `E:\stable-diffusion-webui\models`
- (optional) If you would like to scan an additional folder, copy its path between the quotation marks in the line starting with `SET DOWNLOAD_FOLDER`. This is useful if you want to scan a checkpoint before moving it into the proper model folder; otherwise leave it as is
- Save the script file
- Double-click `_start-pickle-scan.cmd` and wait for the scan to complete. The last few lines show how many suspicious files were found:

```
Number of failed scans (potentially malicious files):
---------- SCAN_OUTPUT.TXT: 0
```
Example output (with `numpy` considered "non-standard"):

By default this will scan all subdirectories for files ending with `.pt`, `.ckpt` and `.bin`.
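As an added illustration of what such a scan looks for (example code, not the project's `pickle_scan.py` or `pickle_inspector.py`): walk a checkpoint's pickle opcodes with `pickletools.genops`, which never executes the pickle, and report every `GLOBAL`/`STACK_GLOBAL` import whose module falls outside an allowlist. The allowlist of `torch` and `collections`, the zip layout helper and the two sample files are constructed assumptions, with `datetime` standing in for the numpy case shown in the page's output.

```python
import collections, datetime, io, pickle, pickletools, zipfile

# Top-level modules a plain PyTorch checkpoint legitimately imports (assumption);
# anything else, numpy included, is reported as "non-standard".
ALLOWED_MODULES = {"torch", "collections"}

def scan_pickle_bytes(data):
    """Walk the opcodes with pickletools.genops (nothing is executed) and return
    (module, name) pairs from GLOBAL/STACK_GLOBAL whose module is not allowlisted."""
    findings, strings = [], []  # strings: recent unicode pushes, consumed by STACK_GLOBAL
    try:
        for op, arg, _pos in pickletools.genops(data):
            if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
                strings.append(arg)
            if op.name in ("GLOBAL", "INST"):  # protocols 0-3: arg is "module name"
                module, name = arg.split(" ", 1)
            elif op.name == "STACK_GLOBAL" and len(strings) >= 2:  # protocol 4+
                module, name = strings[-2], strings[-1]
            else:
                continue
            if module.split(".")[0] not in ALLOWED_MODULES:
                findings.append((module, name))
    except (ValueError, IndexError) as exc:  # truncated or corrupt stream
        findings.append(("<malformed pickle>", str(exc)))
    return findings

def scan_checkpoint_bytes(blob):
    """.pt/.ckpt are zip archives holding *.pkl members; .bin may be a bare pickle."""
    if not zipfile.is_zipfile(io.BytesIO(blob)):
        return scan_pickle_bytes(blob)
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for member in zf.namelist():
            if member.endswith(".pkl"):
                findings += scan_pickle_bytes(zf.read(member))
    return findings

def build_zip_checkpoint(payload):
    """Constructed .pt-style archive whose data.pkl holds the given pickle bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", payload)
    return buf.getvalue()

# Constructed samples: a clean state-dict-like checkpoint and a raw pickle importing a non-allowlisted module.
CLEAN_PT = build_zip_checkpoint(pickle.dumps(collections.OrderedDict(w=1.0), protocol=2))
SUSPECT_BIN = pickle.dumps(datetime.datetime(2024, 1, 1), protocol=4)

if __name__ == "__main__":
    print("clean.pt:", scan_checkpoint_bytes(CLEAN_PT) or "ok")
    print("suspect.bin:", scan_checkpoint_bytes(SUSPECT_BIN) or "ok")
```

A real scanner also walks the directory tree and, in debug mode, prints the triggering opcodes; this block only shows the opcode-level check that decides pass or fail for one file.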