by SuperRat-Beta
66 days ago
One thing worth mentioning for anyone loading model files from external sources: GGUF and pickle-based formats (.bin, older .pt files) have been attack vectors. CVE-2024-34359 was RCE via crafted GGUF in llama_cpp_python (CVSS 9.8). safetensors was created specifically to address this. Worth sticking to it and verifying checksums when loading community checkpoints. torch.load(..., weights_only=True) also helps for .pt files (PyTorch ≥ 1.13).

Just added a full section on this to a reference I maintain on AI toolchain attack techniques: https://github.com/XiaoYiWeio/ai-agent-attack-techniques
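A defender-side loader matching the advice above, added here as an example (it is not code from the comment or from the linked repository): it refuses pickle- and zip-based checkpoints by their leading bytes, pins a SHA-256 digest, and validates a safetensors file structurally (header length, JSON header, and that every tensor's offsets agree with its dtype and shape) without deserialising anything. The one-tensor sample blob is constructed inline, and `build_safetensors`, `check_safetensors`, `sha256_hex` and `load_checked` are names chosen for this example.

```python
import hashlib
import hmac
import json
import math
import struct

DTYPE_SIZES = {"F64": 8, "F32": 4, "F16": 2, "BF16": 2, "I64": 8, "I32": 4, "I8": 1, "U8": 1, "BOOL": 1}


def build_safetensors(header: dict, payload: bytes) -> bytes:
    # safetensors layout: u64 little-endian header length, JSON header, raw tensor bytes
    hdr = json.dumps(header, separators=(",", ":")).encode()
    return struct.pack("<Q", len(hdr)) + hdr + payload


# Constructed sample (not a real checkpoint): one float32 tensor of shape [2]
SAMPLE_OK = build_safetensors(
    {"w": {"dtype": "F32", "shape": [2], "data_offsets": [0, 8]}, "__metadata__": {"format": "pt"}},
    struct.pack("<2f", 1.0, 2.0))


def check_safetensors(blob: bytes, max_header: int = 100_000_000) -> dict:
    """Validate a safetensors blob structurally (no code is deserialised); returns the header."""
    if len(blob) < 8:
        raise ValueError("file too short for a safetensors header")
    (n,) = struct.unpack("<Q", blob[:8])
    if n > max_header or 8 + n > len(blob):  # 100 MB is the format's own header limit
        raise ValueError("header length out of range")
    header = json.loads(blob[8:8 + n].decode("utf-8"))
    data_len = len(blob) - 8 - n
    covered = 0
    for name, meta in header.items():
        if name == "__metadata__":
            continue
        start, end = meta["data_offsets"]
        expected = DTYPE_SIZES[meta["dtype"]] * math.prod(meta["shape"])
        if not (0 <= start <= end <= data_len) or end - start != expected:
            raise ValueError(f"tensor {name!r}: offsets disagree with dtype/shape")
        covered += end - start
    if covered != data_len:
        raise ValueError("tensor extents do not add up to the data section")
    return header


def sha256_hex(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def load_checked(blob: bytes, expected_sha256: str) -> dict:
    """Refuse pickle-based blobs, pin the checksum, then validate the structure."""
    if blob[:1] == b"\x80" or blob[:2] == b"PK":  # raw pickle or zip-based .pt
        raise ValueError("pickle-based checkpoint refused; use safetensors")
    if not hmac.compare_digest(sha256_hex(blob), expected_sha256):
        raise ValueError("checksum does not match the pinned value")
    return check_safetensors(blob)
```

The pinned digest should come from a trusted, out-of-band source (a release page or a lock file), not from the same download as the weights.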