You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some projects (like ComfyUI nodes) contain Python files. Right now, the "File Verified - This file appears to be safe." icon appears because there are technically no pickle imports. This may give users a false sense of security since these files do run arbitrary code (and frequently install other packages/download other models when used).
Unless there's someone actually code-reviewing these, it's probably safest to not show that icon for .zip files containing .py files.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Some projects (like ComfyUI nodes) contain Python files. Right now, the "File Verified - This file appears to be safe." icon appears because there are technically no pickle imports. This may give users a false sense of security since these files do run arbitrary code (and frequently install other packages/download other models when used).
Unless there's someone actually code-reviewing these, it's probably safest to not show that icon for .zip files containing .py files.
Beta Was this translation helpful? Give feedback.
All reactions