[fjfbsufhdvfy]

Currently there is so much activity that for every closed source tool chances are there is an open source one that does the same. I simply use those instead, after skimming over the code for any obviously malicious activity.

[cpdean]

What malicious activity in these repos have you come across?

Do you know when you've missed something?

[fjfbsufhdvfy]

So far actually, none in the ones I used. It seems everyone is just excited about the tech :)

For now, most of these tools are rather small wrappers around the original stable diffusion repo which is considered trustworthy, so there isn't that much to review.

Things I generally look out for are setup scripts that install unusual packages, any file or network io activity, code that's been obfuscated, instructions that have you download checkpoints from unofficial sources, etc.

Of course I can't know if I missed something...