by vivahir215 455 days ago
ah okay. Didn't know this. I generally use pytorch save models for my workflow.

PyTorch save/load are still pickle-based models. It's fine for trusted sources, but when you start using models from untrusted sources there is always a risk of ACE. If you want to execute it, I would suggest trying it in a sandbox env like Docker, a VM or an online notebook env; the other option is to inspect the model file.

As Open source AI booms, the risk of supply chain attacks also increases.
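The "inspect the model file" option from the comment above, as an added example (not code from the commenter or from PyTorch): a pickle file can be audited without executing it by walking its opcode stream with the standard library's `pickletools` and collecting every `(module, name)` the loader would import, and it can then be loaded through an `Unpickler` whose `find_class` only admits an allowlist. The allowlist entries, the sample pickles and the `builtins.eval` reference are constructed for the example; the torch names are listed only to make the allowlist realistic and are never imported here.

```python
import io
import pickle
import pickletools
from collections import OrderedDict

# Constructed allowlist: the globals a plain tensor state dict needs. Anything
# else in a weights file deserves a look before the file is ever loaded.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch", "FloatStorage"),
    ("torch._utils", "_rebuild_tensor_v2"),
}

STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}


def referenced_globals(data):
    """Collect every (module, name) the pickle would import, by reading the
    opcode stream with pickletools.genops. Nothing is executed."""
    found, pushed, memo = [], [], {}
    memo_count, last_string = 0, None
    for opcode, arg, _pos in pickletools.genops(data):
        op = opcode.name
        if op in STRING_OPS:            # module/name strings feeding STACK_GLOBAL
            pushed.append(arg)
            last_string = arg
            continue
        if op == "MEMOIZE":             # protocol 4+: memo slot is a running count
            if last_string is not None:
                memo[memo_count] = last_string
            memo_count += 1
            continue
        if op in PUT_OPS:               # protocols 0-3: explicit memo index
            if last_string is not None:
                memo[arg] = last_string
            continue
        last_string = None
        if op in GET_OPS:               # a memoized module name reused later
            if arg in memo:
                pushed.append(memo[arg])
        elif op in ("GLOBAL", "INST"):  # pickletools renders the pair as "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op == "STACK_GLOBAL":      # module and name were pushed just before
            if len(pushed) < 2:
                raise ValueError("malformed pickle: STACK_GLOBAL without module/name")
            name, module = pushed.pop(), pushed.pop()
            found.append((module, name))
    return found


def audit(data):
    """Return the referenced globals that are outside the allowlist."""
    return [g for g in referenced_globals(data) if g not in ALLOWED_GLOBALS]


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that refuses any import not on the allowlist."""
    def find_class(self, module, name):
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"refusing to import {module}.{name}")
        return super().find_class(module, name)


def safe_load(data):
    return AllowlistUnpickler(io.BytesIO(data)).load()


def is_rejected(data):
    """True if the allowlist loader refuses the file."""
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample 1: a plain state dict (lists stand in for tensors).
BENIGN_STATE_DICT = pickle.dumps(
    OrderedDict([("layer.weight", [0.1, -0.3]), ("layer.bias", [0.0])]))
# Constructed sample 2: the same content written with protocol 2 (GLOBAL opcode).
BENIGN_PROTO2 = pickle.dumps(
    OrderedDict([("layer.weight", [0.1, -0.3])]), protocol=2)
# Constructed sample 3: weights plus a reference to builtins.eval. Nothing runs on
# load, but a weights file has no reason to import it, so the audit flags it.
SUSPICIOUS = pickle.dumps({"weights": [0.1], "callable": eval})

if __name__ == "__main__":
    for label, blob in [("benign", BENIGN_STATE_DICT), ("proto2", BENIGN_PROTO2),
                        ("suspicious", SUSPICIOUS)]:
        print(label, "imports:", referenced_globals(blob),
              "flagged:", audit(blob), "rejected:", is_rejected(blob))
```

The audit step reads the file the way `pickletools.dis` does, so it is safe to run on an untrusted download; the allowlist loader is the second line, for the case where a file is loaded anyway. For PyTorch itself, `torch.load(path, weights_only=True)` applies the same idea with a built-in allowlist of tensor and container types.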

Cool.