huggingface/accelerate

https://github.com/huggingface/accelerate.git · lang: python · LOC: · source: user_submitted

Quality
67.1
Grade B-
Security
34.0
Findings
92
3 critical · 20 high
Status
completed
May 18, 2026 14:47
low: 27 info: 21 medium: 21 high: 20 critical: 3
Top rules by occurrence
Rule · Severity · Count
AIC003 Duplicated implementation block across source files · low · 14
DKR012 Dockerfile keeps pip download cache · low · 6
DKR001 Docker final stage has no non-root USER · medium · 5
DKR011 Dockerfile installs recommended OS packages · low · 4
SEC114 path.join / Path() on user-controlled segment without conta… · high · 3
MINED049 Print Pii · info · 3
MINED050 Stub Only Function · info · 3
MINED064 Python Input Call · info · 3
MINED001 Bare Except Pass · high · 3
MINED062 Python Dataclass No Fields · info · 3
First 92 findings (severity-sorted)
critical MINED018 Unsafe Deserialization Pickle CWE-502
src/accelerate/utils/operations.py:484 · conf 1.00
[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data — RCE.
critical MINED030 Python Pickle Loads CWE-502
src/accelerate/utils/operations.py:484 · conf 1.00
[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.
critical SEC081 Python: pickle.loads / marshal.loads on untrusted data
src/accelerate/utils/operations.py:484 · conf 1.00
[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3).
high MINED001 Bare Except Pass CWE-755
src/accelerate/commands/menu/selection_menu.py:32 · conf 1.00
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
high MINED001 Bare Except Pass CWE-755
src/accelerate/test_utils/testing.py:822 · conf 1.00
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
high MINED001 Bare Except Pass CWE-755
src/accelerate/utils/environment.py:223 · conf 1.00
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
high MINED004 Weak Crypto CWE-327
examples/inference/distributed/florence2.py:88 · conf 1.00
[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).
high MINED020 Logging Credential Via Fstring CWE-532
examples/by_feature/deepspeed_with_config_support.py:430 · conf 1.00
[MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
high MINED020 Logging Credential Via Fstring CWE-532
examples/by_feature/megatron_lm_gpt_pretraining.py:418 · conf 1.00
[MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
high MINED021 Path Traversal Os Join CWE-22
src/accelerate/accelerator.py:3787 · conf 1.00
[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain "../" — directory escape.
high MINED021 Path Traversal Os Join CWE-22
src/accelerate/commands/config/config_args.py:30 · conf 1.00
[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain "../" — directory escape.
high MINED021 Path Traversal Os Join CWE-22
src/accelerate/utils/fsdp_utils.py:194 · conf 1.00
[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain "../" — directory escape.
high SEC013 Path Traversal — User Input in File Path
src/accelerate/accelerator.py:3787 · conf 0.80
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
high SEC013 Path Traversal — User Input in File Path
src/accelerate/tracking.py:237 · conf 0.80
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
high SEC013 Path Traversal — User Input in File Path
src/accelerate/utils/fsdp_utils.py:194 · conf 0.80
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
high SEC020 Secret Printed to Logs
benchmarks/big_model_inference/big_model_inference.py:129 · conf 0.85
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
high SEC103 LDAP injection — non-constant search filter
src/accelerate/utils/modeling.py:174 · conf 1.00
[SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts.
high SEC114 path.join / Path() on user-controlled segment without containment check
src/accelerate/accelerator.py:3787 · conf 1.00
[SEC114] path.join / Path() on user-controlled segment without containment check: filepath.Clean / path.Join on attacker-supplied segments does NOT prevent escape from the base directory. `../../../e…
high SEC114 path.join / Path() on user-controlled segment without containment check
src/accelerate/tracking.py:237 · conf 1.00
[SEC114] path.join / Path() on user-controlled segment without containment check: filepath.Clean / path.Join on attacker-supplied segments does NOT prevent escape from the base directory. `../../../e…
high SEC114 path.join / Path() on user-controlled segment without containment check
src/accelerate/utils/fsdp_utils.py:194 · conf 1.00
[SEC114] path.join / Path() on user-controlled segment without containment check: filepath.Clean / path.Join on attacker-supplied segments does NOT prevent escape from the base directory. `../../../e…
high SEC128 Async function without await — fire-and-forget Promise (AI mistake)
benchmarks/fp8/ms_amp/distrib_deepspeed.py:90 · conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…
high SEC128 Async function without await — fire-and-forget Promise (AI mistake)
benchmarks/fp8/torchao/distrib_deepspeed.py:128 · conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…
high SEC128 Async function without await — fire-and-forget Promise (AI mistake)
benchmarks/fp8/transformer_engine/distrib_deepspeed.py:115 · conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…
medium DKR001 Docker final stage has no non-root USER
benchmarks/fp8/ms_amp/Dockerfile:1 · conf 0.82
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
benchmarks/fp8/torchao/Dockerfile:1 · conf 0.82
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
benchmarks/fp8/transformer_engine/Dockerfile:4 · conf 0.82
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
docker/accelerate-gpu-deepspeed/Dockerfile:32 · conf 0.82
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
docker/accelerate-gpu/Dockerfile:32 · conf 0.82
Docker final stage has no non-root USER
medium DKR002 Dockerfile base image has no explicit tag
benchmarks/fp8/ms_amp/Dockerfile:1 · conf 0.90
Dockerfile base image has no explicit tag
medium DKR003 Dockerfile base image uses the latest tag
docker/accelerate-gpu-deepspeed/Dockerfile:5 · conf 0.94
Dockerfile base image uses the latest tag
medium DKR003 Dockerfile base image uses the latest tag
docker/accelerate-gpu/Dockerfile:5 · conf 0.94
Dockerfile base image uses the latest tag
medium DKR007 Docker build context has no .dockerignore
.dockerignore · conf 0.90
Docker build context has no .dockerignore
medium DKR009 Dockerfile separates apt update from install
docker/accelerate-cpu/Dockerfile:8 · conf 0.86
Dockerfile separates apt update from install
medium ERR001 Silent Exception Swallowing (and 2 more: same pattern found in 2 additional files; review if needed)
src/accelerate/utils/environment.py:223 · conf 1.00
[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
medium SEC007 Unsafe Deserialization
src/accelerate/utils/operations.py:484 · conf 1.00
[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
medium SEC011 Unsafe PyTorch Model Loading
src/accelerate/accelerator.py:3823 · conf 1.00
[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted model files.
medium SEC011 Unsafe PyTorch Model Loading
src/accelerate/utils/other.py:436 · conf 1.00
[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted model files.
medium SEC034 Log Injection / Log Forging — unsanitized user input in log
examples/by_feature/deepspeed_with_config_support.py:437 · conf 1.00
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
medium SEC034 Log Injection / Log Forging — unsanitized user input in log
examples/by_feature/megatron_lm_gpt_pretraining.py:425 · conf 1.00
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
medium SEC034 Log Injection / Log Forging — unsanitized user input in log
src/accelerate/accelerator.py:3796 · conf 1.00
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
medium SEC045 eval()/exec() on stored or user-supplied data
src/accelerate/optimizer.py:138 · conf 1.00
[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even admin-stored data — is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ …
medium SEC045 eval()/exec() on stored or user-supplied data
src/accelerate/utils/megatron_lm.py:1003 · conf 1.00
[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even admin-stored data — is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ …
medium SEC123 Production stack trace / debug output exposed
src/accelerate/launchers.py:308 · conf 1.00
[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals — sometimes triggers RCE (Django debug page w…
medium SEC127 AI agent stub — TODO: implement / pass placeholder body
src/accelerate/utils/dataclasses.py:1565 · conf 1.00
[SEC127] AI agent stub — TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass…
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_2.py:3 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_3.py:6 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_4.py:7 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_4.py:28 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_5.py:3 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_5.py:7 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/big_model_inference/stage_5.py:17 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/dataloaders/stage_1.py:3 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/dataloaders/stage_5.py:17 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/dataloaders/stage_6.py:3 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/dataloaders/stage_6.py:17 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/dataloaders/stage_7.py:6 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
manim_animations/dataloaders/stage_7.py:120 · conf 0.86
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
src/accelerate/commands/config/sagemaker.py:140 · conf 0.86
Duplicated implementation block across source files
low COMP001 High cognitive complexity
benchmarks/big_model_inference/big_model_inference.py:43 · conf 0.95
[COMP001] High cognitive complexity: Function `parse_args` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested b…
low COMP001 High cognitive complexity
benchmarks/big_model_inference/big_model_inference.py:79 · conf 0.95
[COMP001] High cognitive complexity: Function `main` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches…
low COMP001 High cognitive complexity
benchmarks/fp8/torchao/distrib_deepspeed.py:51 · conf 0.95
[COMP001] High cognitive complexity: Function `train_baseline` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — neste…
low DKR011 Dockerfile installs recommended OS packages
docker/accelerate-gpu-deepspeed/Dockerfile:9 · conf 0.72
Dockerfile installs recommended OS packages
low DKR011 Dockerfile installs recommended OS packages
docker/accelerate-gpu-deepspeed/Dockerfile:37 · conf 0.72
Dockerfile installs recommended OS packages
low DKR011 Dockerfile installs recommended OS packages
docker/accelerate-gpu/Dockerfile:9 · conf 0.72
Dockerfile installs recommended OS packages
low DKR011 Dockerfile installs recommended OS packages
docker/accelerate-gpu/Dockerfile:37 · conf 0.72
Dockerfile installs recommended OS packages
low DKR012 Dockerfile keeps pip download cache
benchmarks/fp8/ms_amp/Dockerfile:3 · conf 0.72
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
benchmarks/fp8/ms_amp/Dockerfile:6 · conf 0.72
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
benchmarks/fp8/torchao/Dockerfile:3 · conf 0.72
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
benchmarks/fp8/torchao/Dockerfile:6 · conf 0.72
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
benchmarks/fp8/transformer_engine/Dockerfile:6 · conf 0.72
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
benchmarks/fp8/transformer_engine/Dockerfile:9 · conf 0.72
Dockerfile keeps pip download cache
info MINED049 Print Pii CWE-532
benchmarks/big_model_inference/big_model_inference.py:129 · conf 1.00
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
info MINED049 Print Pii CWE-532
examples/inference/pippy/llama.py:56 · conf 1.00
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
info MINED049 Print Pii CWE-532
src/accelerate/commands/config/sagemaker.py:108 · conf 1.00
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
info MINED050 Stub Only Function CWE-1188
examples/by_feature/fsdp_with_peak_mem_tracking.py:311 · conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
info MINED050 Stub Only Function CWE-1188
examples/by_feature/gradient_accumulation_for_autoregressive_models.py:163 · conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
info MINED050 Stub Only Function CWE-1188
examples/by_feature/gradient_accumulation.py:129 · conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
info MINED055 Npm Install No Lockfile CWE-1357
examples/inference/distributed/distributed_speech_generation.py:35 · conf 1.00
[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci.
info MINED055 Npm Install No Lockfile CWE-1357
examples/inference/distributed/florence2.py:36 · conf 1.00
[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci.
info MINED062 Python Dataclass No Fields
src/accelerate/parallelism_config.py:33 · conf 1.00
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
info MINED062 Python Dataclass No Fields
src/accelerate/utils/dataclasses.py:113 · conf 1.00
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
info MINED062 Python Dataclass No Fields
src/accelerate/utils/environment.py:250 · conf 1.00
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
info MINED063 Toctou Os Path Exists CWE-367
src/accelerate/utils/deepspeed.py:141 · conf 1.00
[MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/deleted between check and use.
info MINED064 Python Input Call
src/accelerate/accelerator.py:3074 · conf 1.00
[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
info MINED064 Python Input Call
src/accelerate/commands/config/config_utils.py:50 · conf 1.00
[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
info MINED064 Python Input Call
src/accelerate/commands/menu/selection_menu.py:134 · conf 1.00
[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
info MINED069 Debug True Prod CWE-489
src/accelerate/launchers.py:308 · conf 1.00
[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files.
info MINED072 Python Pass Only Class CWE-1188
src/accelerate/test_utils/testing.py:822 · conf 1.00
[MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in.
info MINED072 Python Pass Only Class CWE-1188
src/accelerate/utils/operations.py:739 · conf 1.00
[MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in.
info MINED077 Python Open No Context CWE-772
setup.py:61 · conf 1.00
[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.
info MINED079 Off By One Slice CWE-193
src/accelerate/commands/menu/selection_menu.py:141 · conf 1.00
[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) — off-by-one risk.
info MINED079 Off By One Slice CWE-193
src/accelerate/utils/modeling.py:690 · conf 1.00
[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) — off-by-one risk.