Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
32 of your 92 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

huggingface/accelerate

https://github.com/huggingface/accelerate.git · scanned 2026-05-18 14:47 UTC (2 weeks, 3 days ago) · 10 languages

644 findings (92 legacy + 552 scanner) 63rd percentile · Python · medium (20-100K LoC) Scanner says 77 (lower by 10)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 2 weeks, 3 days ago · v3 · 248 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.

JSON
Combined
69.5
/100
Repobility
62
92 legacy
9-layer
77
88.9% cov · 156 gaps
Critical
3
click to filter
Agents
6
1 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 85.0 0.15 12.75
security_score 34.0 0.25 8.50
testing_score 90.0 0.20 18.00
documentation_score 90.0 0.15 13.50
practices_score 72.0 0.15 10.80
code_quality 36.0 0.10 3.60
Overall 1.00 67.1
Severity distribution — click a segment to filter
Active filters: source: legacy × excluding tests × Reset all
Severity: Critical 3 High 44 Medium 35 Low 107 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Legacy 92 9-layer 156 Crowd 0 Layer: Quality 126 Cicd 36 Security 22 Software 46 Api 1 Network 1 Hardware 15 Frontend 1
Scan summary Repository scanned at 77.0/100 with 88.9% coverage. It contains 2561 nodes across 0 cross-layer flows, written primarily in mixed languages. Engine surfaced 156 findings — concentrated in quality (70), software (43), cicd (16). Risk profile is high: 0 critical, 7 high, 28 medium. Recommended next step: open the quality layer findings first — that's where the highest-impact wins live.

Showing 64 of 248 findings. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

critical Legacy quality quality conf 1.00 ✓ Repobility [MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data — RCE.
Review and fix per the pattern semantics. See CWE-502 / A08:2021 for context.
src/accelerate/utils/operations.py:484 qualitylegacy
critical Legacy quality quality conf 1.00 ✓ Repobility [MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.
Review and fix per the pattern semantics. See CWE-502 / for context.
src/accelerate/utils/operations.py:484 qualitylegacy
critical Legacy quality quality conf 1.00 [SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3).
Use json, msgpack, or protobuf for untrusted data. If pickle is required, sign the payload with HMAC.
src/accelerate/utils/operations.py:484 qualitylegacy 1 TP · 0 FP
low Legacy quality quality conf 1.00 ✓ Repobility [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
Review and fix per the pattern semantics. See CWE-755 / for context.
src/accelerate/utils/environment.py:223 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
Review and fix per the pattern semantics. See CWE-755 / for context.
src/accelerate/commands/menu/selection_menu.py:32 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).
Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context.
examples/inference/distributed/florence2.py:88 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility [MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
examples/by_feature/megatron_lm_gpt_pretraining.py:418 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility [MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
examples/by_feature/deepspeed_with_config_support.py:430 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility [MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain "../" — directory escape.
Review and fix per the pattern semantics. See CWE-22 / A01:2021 for context.
src/accelerate/utils/fsdp_utils.py:194 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility [MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain "../" — directory escape.
Review and fix per the pattern semantics. See CWE-22 / A01:2021 for context.
src/accelerate/commands/config/config_args.py:30 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility [MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain "../" — directory escape.
Review and fix per the pattern semantics. See CWE-22 / A01:2021 for context.
src/accelerate/accelerator.py:3787 qualitylegacy
high Legacy security path_traversal conf 0.80 [SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads.
src/accelerate/utils/fsdp_utils.py:194 path_traversallegacy
high Legacy security path_traversal conf 0.80 [SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads.
src/accelerate/tracking.py:237 path_traversallegacy
high Legacy security path_traversal conf 0.80 [SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads.
src/accelerate/accelerator.py:3787 path_traversallegacy
high Legacy security injection conf 1.00 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts.
Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders).
src/accelerate/utils/modeling.py:174 injectionlegacy
high Legacy security path_traversal conf 1.00 [SEC114] path.join / Path() on user-controlled segment without containment check: filepath.Clean / path.Join on attacker-supplied segments does NOT prevent escape from the base directory. `../../../etc/passwd` resolves cleanly.
After joining, re-check containment: `if !strings.HasPrefix(filepath.Clean(joined), filepath.Clean(baseDir)+string(os.PathSeparator)) { error }`. In Node: `path.resolve(base, x); if (!resolved.startsWith(base + path.sep)) throw`.
src/accelerate/utils/fsdp_utils.py:194 path_traversallegacy
high Legacy security path_traversal conf 1.00 [SEC114] path.join / Path() on user-controlled segment without containment check: filepath.Clean / path.Join on attacker-supplied segments does NOT prevent escape from the base directory. `../../../etc/passwd` resolves cleanly.
After joining, re-check containment: `if !strings.HasPrefix(filepath.Clean(joined), filepath.Clean(baseDir)+string(os.PathSeparator)) { error }`. In Node: `path.resolve(base, x); if (!resolved.startsWith(base + path.sep)) throw`.
src/accelerate/tracking.py:237 path_traversallegacy
high Legacy security path_traversal conf 1.00 [SEC114] path.join / Path() on user-controlled segment without containment check: filepath.Clean / path.Join on attacker-supplied segments does NOT prevent escape from the base directory. `../../../etc/passwd` resolves cleanly.
After joining, re-check containment: `if !strings.HasPrefix(filepath.Clean(joined), filepath.Clean(baseDir)+string(os.PathSeparator)) { error }`. In Node: `path.resolve(base, x); if (!resolved.startsWith(base + path.sep)) throw`.
src/accelerate/accelerator.py:3787 path_traversallegacy
medium Legacy quality error_handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
src/accelerate/utils/environment.py:223 error_handlinglegacy
low Legacy security deserialization conf 1.00 [SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data.
src/accelerate/utils/operations.py:484 deserializationlegacy
medium Legacy quality quality conf 1.00 [SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals — sometimes triggers RCE (Django debug page with arbitrary template eval).
Set DEBUG=False / APP_DEBUG=false in production. Provide a generic 500 handler that logs to backend but returns a sanitized page to clients.
src/accelerate/launchers.py:308 qualitylegacy
medium Legacy quality quality conf 1.00 [SEC127] AI agent stub — TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident.
Either implement the body, or fail closed at module-load time so the deploy can't ship a half-built route. A CI gate that fails build on `raise NotImplementedError` in non-abstract code catches this cleanly.
src/accelerate/utils/dataclasses.py:1565 qualitylegacy
medium Legacy cicd docker conf 0.90 Docker build context has no .dockerignore
Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts.
.dockerignore dockerlegacy
high Legacy cicd docker conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
docker/accelerate-gpu-deepspeed/Dockerfile:32 dockerlegacy
high Legacy cicd docker conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
docker/accelerate-gpu/Dockerfile:32 dockerlegacy
high Legacy cicd docker conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
benchmarks/fp8/transformer_engine/Dockerfile:4 dockerlegacy
high Legacy cicd docker conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
benchmarks/fp8/torchao/Dockerfile:1 dockerlegacy
high Legacy cicd docker conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
benchmarks/fp8/ms_amp/Dockerfile:1 dockerlegacy
medium Legacy cicd docker conf 0.94 Dockerfile base image uses the latest tag
The latest tag is mutable and can change without a code review, producing different images from the same source.
docker/accelerate-gpu-deepspeed/Dockerfile:5 dockerlegacy
medium Legacy cicd docker conf 0.94 Dockerfile base image uses the latest tag
The latest tag is mutable and can change without a code review, producing different images from the same source.
docker/accelerate-gpu/Dockerfile:5 dockerlegacy
medium Legacy cicd docker conf 0.86 Dockerfile separates apt update from install
Splitting apt update and install across layers can reuse stale package indexes and make builds less reliable.
docker/accelerate-cpu/Dockerfile:8 dockerlegacy
low Legacy cicd docker conf 0.72 Dockerfile installs recommended OS packages
Installing recommended packages often pulls in unnecessary runtime surface area.
docker/accelerate-gpu-deepspeed/Dockerfile:37 dockerlegacy
low Legacy cicd docker conf 0.72 Dockerfile installs recommended OS packages
Installing recommended packages often pulls in unnecessary runtime surface area.
docker/accelerate-gpu-deepspeed/Dockerfile:9 dockerlegacy
low Legacy cicd docker conf 0.72 Dockerfile installs recommended OS packages
Installing recommended packages often pulls in unnecessary runtime surface area.
docker/accelerate-gpu/Dockerfile:37 dockerlegacy
low Legacy cicd docker conf 0.72 Dockerfile installs recommended OS packages
Installing recommended packages often pulls in unnecessary runtime surface area.
docker/accelerate-gpu/Dockerfile:9 dockerlegacy
high Legacy cicd docker conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
benchmarks/fp8/transformer_engine/Dockerfile:9 dockerlegacy
high Legacy cicd docker conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
benchmarks/fp8/transformer_engine/Dockerfile:6 dockerlegacy
high Legacy cicd docker conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
benchmarks/fp8/torchao/Dockerfile:6 dockerlegacy
high Legacy cicd docker conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
benchmarks/fp8/torchao/Dockerfile:3 dockerlegacy
high Legacy cicd docker conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
benchmarks/fp8/ms_amp/Dockerfile:6 dockerlegacy
high Legacy cicd docker conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
benchmarks/fp8/ms_amp/Dockerfile:3 dockerlegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
src/accelerate/commands/config/sagemaker.py:140 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/dataloaders/stage_7.py:120 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/dataloaders/stage_7.py:6 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/dataloaders/stage_6.py:17 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/dataloaders/stage_6.py:3 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/dataloaders/stage_5.py:17 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/dataloaders/stage_1.py:3 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_5.py:17 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_5.py:7 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_5.py:3 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_4.py:28 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_4.py:7 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_3.py:6 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
manim_animations/big_model_inference/stage_2.py:3 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
src/accelerate/commands/config/sagemaker.py:108 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
examples/inference/pippy/llama.py:56 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
benchmarks/big_model_inference/big_model_inference.py:129 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
Review and fix per the pattern semantics.
src/accelerate/utils/environment.py:250 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
Review and fix per the pattern semantics.
src/accelerate/utils/dataclasses.py:113 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
Review and fix per the pattern semantics.
src/accelerate/parallelism_config.py:33 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
Review and fix per the pattern semantics.
src/accelerate/commands/menu/selection_menu.py:134 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
Review and fix per the pattern semantics.
src/accelerate/commands/config/config_utils.py:50 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
Review and fix per the pattern semantics.
src/accelerate/accelerator.py:3074 qualitylegacy
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/997bbbe3-2683-4e32-a73e-484d75ceba8d/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/997bbbe3-2683-4e32-a73e-484d75ceba8d/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.