Jump to content

Connect Leeroopedia MCP: Equip your AI agents to search best practices, build plans, verify code, diagnose failures, and look up hyperparameter defaults.

Implementation:Protectai Modelscan Issues Group By Severity

From Leeroopedia
Knowledge Sources
Domains ML_Security, Risk_Assessment
Last Updated 2026-02-14 12:00 GMT

Overview

Concrete tool for tracking, grouping, and classifying security issues found during model scanning, provided by the modelscan issues module.

Description

The Issues class is a collection container for Issue objects found during scanning. Its primary method, group_by_severity(), aggregates all detected issues by their IssueSeverity level (LOW, MEDIUM, HIGH, CRITICAL), returning a dictionary for structured reporting. The IssueSeverity enum defines the four-tier classification, and Issue wraps a code identifier, severity level, and details object (typically OperatorIssueDetails).

Usage

Use these classes when processing scan results programmatically to:

  • Group issues by severity for prioritized remediation
  • Access individual issue details (module, operator, source file)
  • Build custom reporting or alerting on top of scan results
  • Implement CI/CD gates based on severity thresholds

Code Reference

Source Location

  • Repository: modelscan
  • File: modelscan/issues.py
  • Lines: L14-123

Signature

class IssueSeverity(Enum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3
    CRITICAL = 4

class Issue:
    def __init__(
        self,
        code: Property,
        severity: IssueSeverity,
        details: IssueDetails,
    ) -> None:
        """
        Args:
            code: Issue type identifier (e.g., IssueCode.UNSAFE_OPERATOR).
            severity: Severity level from IssueSeverity enum.
            details: IssueDetails implementation with operator/module info.
        """

class Issues:
    all_issues: List[Issue]

    def __init__(self, issues: Optional[List[Issue]] = None) -> None:
        """Initialize with optional pre-existing issue list."""

    def add_issue(self, issue: Issue) -> None:
        """Add a single issue."""

    def add_issues(self, issues: List[Issue]) -> None:
        """Add a list of issues."""

    def group_by_severity(self) -> Dict[str, List[Issue]]:
        """Group issues by severity name (e.g., 'CRITICAL', 'HIGH')."""

Import

from modelscan.issues import Issues, Issue, IssueSeverity, IssueCode

I/O Contract

Inputs

Name Type Required Description
issues Optional[List[Issue]] No Pre-existing list of issues (defaults to empty list)
issue Issue Yes (for add_issue) Single Issue object to add to the collection

Outputs

Name Type Description
all_issues List[Issue] Flat list of all Issue objects in the collection
group_by_severity() returns Dict[str, List[Issue]] Dictionary mapping severity name strings ('CRITICAL', 'HIGH', 'MEDIUM', 'LOW') to lists of Issue objects at that severity

Usage Examples

Group Issues by Severity After Scan

from modelscan.modelscan import ModelScan

scanner = ModelScan()
scanner.scan("/path/to/model.pkl")

# Access the Issues collection
issues = scanner.issues

# Group by severity
by_severity = issues.group_by_severity()

# Check for critical issues
if "CRITICAL" in by_severity:
    print(f"CRITICAL issues: {len(by_severity['CRITICAL'])}")
    for issue in by_severity["CRITICAL"]:
        print(f"  {issue.details.module}.{issue.details.operator}")

Implement CI/CD Gate

from modelscan.modelscan import ModelScan

scanner = ModelScan()
scanner.scan("/path/to/model.pkl")

by_severity = scanner.issues.group_by_severity()

# Fail pipeline if any CRITICAL or HIGH issues found
critical_count = len(by_severity.get("CRITICAL", []))
high_count = len(by_severity.get("HIGH", []))

if critical_count > 0 or high_count > 0:
    print(f"BLOCKED: {critical_count} critical, {high_count} high severity issues")
    exit(1)

Related Pages

Implements Principle

Requires Environment

Page Connections

Double-click a node to navigate. Hold to expand connections.
Principle
Implementation
Heuristic
Environment