Hacker News
by ZYbCRq22HbJ2y7 493 days ago
> and then the amount of additional code associated with a given LLM should be tiny

What about this reporting (which is a deserialization issue, it seems like)?

- https://www.wiz.io/blog/wiz-and-hugging-face-address-risks-t...

- https://jfrog.com/blog/data-scientists-targeted-by-malicious...


This project apparently uses MLX, Apple’s ML framework, which doesn’t use Python’s pickle library that’s behind the safety issue. There are several options for storing models/tensors in MLX, none of which I think have such (de-)serialization issues: https://ml-explore.github.io/mlx/build/html/usage/saving_and...
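The pickle problem the two comments are circling, shown as an added example that is not from either commenter, from the reports linked above, or from the project under discussion: a pickle stream whose load step calls an importable callable, a scanner that lists every global a stream would import without executing it, and a loader that refuses anything off an allowlist. The `WeightsWithPayload` class, the `BENIGN_CHECKPOINT` dict and the `ALLOWED_GLOBALS` set are constructed for this demo; the `eval` call stands in for whatever callable a hostile checkpoint would name.

```python
import io
import pickle
import pickletools

# Constructed for this example (not from the thread): an object whose pickle
# stream carries a __reduce__ payload. The callable is builtins.eval on harmless
# arithmetic, but the unpickler would invoke any importable callable the same
# way, which is what makes a pickle-based checkpoint untrustworthy.
class WeightsWithPayload:
    def __init__(self, weights):
        self.weights = weights

    def __reduce__(self):
        # pickle records (callable, args) and calls it on load; the return value
        # replaces the object, so the loader never sees a "weights" object at all
        return (eval, ("1 + 1",))


# Constructed benign checkpoint: plain containers only, the shape a state dict takes
BENIGN_CHECKPOINT = {"layer0.weight": [0.1, -0.2], "layer0.bias": [0.0]}

# Every opcode that pushes a string; STACK_GLOBAL consumes the last two of these
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

# Hypothetical allowlist for this demo; a real loader lists the container and
# tensor types its framework legitimately pickles and nothing else
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


def scan_pickle(data: bytes) -> list[tuple[str, str]]:
    """List every (module, name) the stream would import, without executing it.

    pickletools.genops only decodes opcodes. GLOBAL (protocol <= 3) carries
    "module name" inline; STACK_GLOBAL (protocol >= 4) takes the two most
    recently pushed strings, so those are tracked while walking the stream.
    Limitation: a module/name string reused through the memo (BINGET) is not
    tracked here, so treat this as a triage pass, not the only guard.
    """
    referenced = []
    recent_strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            recent_strings.append(arg)
        elif op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            referenced.append((module, name))
        elif op.name == "STACK_GLOBAL":
            referenced.append((recent_strings[-2], recent_strings[-1]))
    return referenced


class RestrictedUnpickler(pickle.Unpickler):
    """Second layer: even if a global slips past the scan, refuse to resolve it."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def safe_load(data: bytes):
    """Reject the stream before loading if it names anything off the allowlist."""
    suspicious = [ref for ref in scan_pickle(data) if ref not in ALLOWED_GLOBALS]
    if suspicious:
        raise pickle.UnpicklingError(f"rejected before loading: {suspicious}")
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo() -> dict:
    """Run the naive and the guarded path side by side and return what each saw."""
    payload = pickle.dumps(WeightsWithPayload([1.0]), protocol=4)
    payload_proto3 = pickle.dumps(WeightsWithPayload([1.0]), protocol=3)
    benign = pickle.dumps(BENIGN_CHECKPOINT, protocol=4)
    result = {
        "payload_refs": scan_pickle(payload),               # [("builtins", "eval")]
        "payload_refs_proto3": scan_pickle(payload_proto3),  # same, via GLOBAL opcode
        "benign_refs": scan_pickle(benign),                 # []
        "naive_load": pickle.loads(payload),                # eval ran: 2, not weights
        "benign_load": safe_load(benign),                   # the dict, untouched
    }
    try:
        safe_load(payload)
        result["payload_blocked"] = False
    except pickle.UnpicklingError:
        result["payload_blocked"] = True
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The naive `pickle.loads` on the payload returns `2`: the unpickler ran `eval` and handed back its result, which is exactly the class of issue the linked reports describe. The guarded path refuses the stream twice, once from the opcode scan and once in `find_class`. Formats that carry raw tensor bytes plus a plain header (safetensors, for instance) avoid the object graph entirely; one caveat for the `.npy`/`.npz` route is that numpy will only unpickle object arrays when `allow_pickle=True` is passed, so leave that at its default of `False` when loading files from outside your own pipeline.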