Environment:Protectai Modelscan H5py Optional
| Knowledge Sources | |
|---|---|
| Domains | Infrastructure, Security, Deep_Learning |
| Last Updated | 2026-02-14 12:00 GMT |
Overview
Optional h5py >= 3.9.0 dependency required for scanning Keras H5 (`.h5`) model files for Lambda layer code injection.
Description
This environment extends the core ModelScan runtime with h5py support. When h5py is installed, ModelScan can open HDF5-format Keras model files and inspect the `model_config` attribute for Lambda layers that may contain arbitrary Python code. Without h5py, the `H5LambdaDetectScan` scanner gracefully degrades by returning a `DependencyError`.
The h5py dependency is declared as an optional extra in `pyproject.toml` and is conditionally imported at the scanner module level.
Usage
Use this environment when scanning Keras H5 (`.h5`) model files. If you only need to scan pickle, PyTorch, NumPy, TensorFlow SavedModel, or `.keras` format files, this environment is not required.
System Requirements
| Category | Requirement | Notes |
|---|---|---|
| OS | Linux, macOS, Windows | h5py is cross-platform |
| Hardware | Standard CPU | No GPU required for scanning |
| Disk | Minimal | h5py package is relatively small |
Dependencies
System Packages
- `libhdf5` (may be needed on some systems for h5py compilation)
Python Packages
- All core runtime dependencies (see Environment:Protectai_Modelscan_Python_Core_Runtime)
- `h5py` >= 3.9.0
Credentials
No additional credentials required.
Quick Install
# Install modelscan with h5py extras
pip install 'modelscan[h5py]'
# Or install h5py separately
pip install h5py>=3.9.0
Code Evidence
Optional dependency declaration in `pyproject.toml:20,28`:
h5py = { version = "^3.9.0", optional = true }
[tool.poetry.extras]
h5py = ["h5py"]
Conditional import with graceful fallback from `scanners/h5/scan.py:6-11`:
try:
import h5py
h5py_installed = True
except ImportError:
h5py_installed = False
Dependency check returning error instead of crash from `scanners/h5/scan.py:36-48`:
dep_error = self.handle_binary_dependencies()
if dep_error:
return ScanResults(
[],
[
DependencyError(
self.name(),
f"To use {self.full_name()}, please install modelscan with h5py extras. "
"`pip install 'modelscan[ h5py ]'` if you are using pip.",
model,
)
],
[],
)
HDF5 model_config attribute check from `scanners/h5/scan.py:97-103`:
def _check_model_config(self, model: Model) -> bool:
with h5py.File(model.get_stream()) as model_hdf5:
if "model_config" in model_hdf5.attrs.keys():
return True
else:
logger.error(f"Model Config not found in: {model.get_source()}")
return False
Common Errors
| Error Message | Cause | Solution |
|---|---|---|
| `DEPENDENCY` error: "To use modelscan.scanners.H5LambdaDetectScan, please install modelscan with h5py extras." | h5py not installed | `pip install 'modelscan[h5py]'` |
| `Model Config not found` (skip) | H5 file missing `model_config` attribute | File may not be a Keras model; skipped with `MODEL_CONFIG` category |
| `Not a valid JSON data` | Corrupted model_config JSON in H5 file | Model file may be corrupted or malformed |
Compatibility Notes
- Source type limitation: There is a known issue noted in `scanners/h5/scan.py:106`: "Todo: source isn't guaranteed to be a file". The h5py `File()` constructor expects file-like objects, but sources from within zip archives may not fully support h5py's expectations.
- h5py and TensorFlow: The `H5LambdaDetectScan` inherits from `SavedModelLambdaDetectScan` for the `_check_for_unsafe_tf_keras_operator` method. TensorFlow is used for operator enumeration but h5py handles the file reading.