Environment:Protectai Modelscan Python Core Runtime
| Knowledge Sources | |
|---|---|
| Domains | Infrastructure, Security |
| Last Updated | 2026-02-14 12:00 GMT |
Overview
Python 3.10-3.12 environment with Click, NumPy, Rich, and tomlkit for running the ModelScan CLI security scanning tool.
Description
This environment defines the core runtime for ModelScan, a tool that detects unsafe operations in serialized ML model files. It requires Python 3.10 or higher (up to 3.12) and a set of mandatory dependencies: Click for CLI handling, NumPy for binary format parsing, Rich for console reporting, and tomlkit for settings file management. No GPU or special hardware is required — ModelScan performs static analysis of model file bytecode, not model inference.
Usage
Use this environment for all ModelScan operations: CLI scanning, programmatic scanning, and settings file generation. This is the base requirement for every workflow in the repository. Optional dependencies (TensorFlow, h5py) extend scanning capabilities to additional model formats but are not required for pickle, PyTorch, or NumPy scanning.
System Requirements
| Category | Requirement | Notes |
|---|---|---|
| OS | Linux, macOS, Windows | Cross-platform Python package |
| Hardware | Standard CPU | No GPU required; static analysis only |
| Disk | Minimal | Only needs space for model files being scanned |
Dependencies
System Packages
- No system-level packages required beyond a Python installation
Python Packages
- `python` >= 3.10, < 3.13
- `click` >= 8.1.3
- `numpy` >= 1.24.3
- `rich` >= 13.4.2, < 15.0.0
- `tomlkit` >= 0.12.3, < 0.14.0
- `setuptools` == 80.9.0
Credentials
No credentials or environment variables are required for core operation.
The following optional variable is used in test environments only:
- `TF_USE_LEGACY_KERAS`: Set to `"1"` in tests to enable legacy Keras API compatibility with newer TensorFlow versions.
Quick Install
# Install modelscan with core dependencies only
pip install modelscan
# Or install from source
pip install click>=8.1.3 numpy>=1.24.3 "rich>=13.4.2,<15.0.0" "tomlkit>=0.12.3,<0.14.0"
Code Evidence
Python version constraint from `pyproject.toml:15`:
python = ">=3.10,<3.13"
Core dependency declarations from `pyproject.toml:16-19`:
click = "^8.1.3"
numpy = ">=1.24.3"
rich = ">=13.4.2,<15.0.0"
tomlkit = ">=0.12.3,<0.14.0"
Settings file auto-discovery using `os.getcwd()` from `cli.py:108-110`:
settings_file_path = Path(
settings_file if settings_file else f"{os.getcwd()}/modelscan-settings.toml"
)
Common Errors
| Error Message | Cause | Solution |
|---|---|---|
| `ModuleNotFoundError: No module named 'click'` | Core dependency not installed | `pip install click>=8.1.3` |
| `ModuleNotFoundError: No module named 'rich'` | Core dependency not installed | `pip install "rich>=13.4.2"` |
| `No settings file detected at .../modelscan-settings.toml. Using defaults.` | No custom settings file in CWD | Normal behavior; use `modelscan create-settings-file` to create one |
Compatibility Notes
- Python 3.12: Supported, but TensorFlow extras may have limited compatibility (see TODO in `pyproject.toml:23`: "Add py3.12 once TF release supports").
- Python < 3.10: Not supported. The `>=3.10` constraint is enforced by the package metadata.
- Python >= 3.13: Not supported. The `<3.13` upper bound is explicitly set.
Related Pages
- Implementation:Protectai_Modelscan_ModelScan_Scan
- Implementation:Protectai_Modelscan_CLI_Scan_Command
- Implementation:Protectai_Modelscan_Settings_Configuration
- Implementation:Protectai_Modelscan_ConsoleReport_Generate
- Implementation:Protectai_Modelscan_ScanBase
- Implementation:Protectai_Modelscan_Model
- Implementation:Protectai_Modelscan_FormatViaExtensionMiddleware
- Implementation:Protectai_Modelscan_Issues_Group_By_Severity
- Implementation:Protectai_Modelscan_OperatorIssueDetails