Repository for the scripts presented in the blogpost: https://mastersplinter.work/research/tensorflow-rce/
exploit.py: used to create a simple malicious model with a reverse shellinject.py: injects the malicious layer in a legitimate modelmodel.py: simulate the usage of load_mode on a malicious modeldetector.py: detects a malicious Lambda in a .h5 modelThe contents of this repository are exclusively for research and entertainment purposes.
$ claude mcp add tensorflow-rce \
-- python -m otcore.mcp_server <graph>