Implementation:Protectai Modelscan Issues Group By Severity
| Knowledge Sources | |
|---|---|
| Domains | ML_Security, Risk_Assessment |
| Last Updated | 2026-02-14 12:00 GMT |
Overview
Concrete tool for tracking, grouping, and classifying security issues found during model scanning, provided by the modelscan issues module.
Description
The Issues class is a collection container for Issue objects found during scanning. Its primary method, group_by_severity(), aggregates all detected issues by their IssueSeverity level (LOW, MEDIUM, HIGH, CRITICAL), returning a dictionary for structured reporting. The IssueSeverity enum defines the four-tier classification, and Issue wraps a code identifier, severity level, and details object (typically OperatorIssueDetails).
Usage
Use these classes when processing scan results programmatically to:
- Group issues by severity for prioritized remediation
- Access individual issue details (module, operator, source file)
- Build custom reporting or alerting on top of scan results
- Implement CI/CD gates based on severity thresholds
Code Reference
Source Location
- Repository: modelscan
- File: modelscan/issues.py
- Lines: L14-123
Signature
```python
class IssueSeverity(Enum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3
    CRITICAL = 4


class Issue:
    def __init__(
        self,
        code: Property,
        severity: IssueSeverity,
        details: IssueDetails,
    ) -> None:
        """
        Args:
            code: Issue type identifier (e.g., IssueCode.UNSAFE_OPERATOR).
            severity: Severity level from IssueSeverity enum.
            details: IssueDetails implementation with operator/module info.
        """


class Issues:
    all_issues: List[Issue]

    def __init__(self, issues: Optional[List[Issue]] = None) -> None:
        """Initialize with optional pre-existing issue list."""

    def add_issue(self, issue: Issue) -> None:
        """Add a single issue."""

    def add_issues(self, issues: List[Issue]) -> None:
        """Add a list of issues."""

    def group_by_severity(self) -> Dict[str, List[Issue]]:
        """Group issues by severity name (e.g., 'CRITICAL', 'HIGH')."""
```
Import
```python
from modelscan.issues import Issues, Issue, IssueSeverity, IssueCode
```
I/O Contract
Inputs
| Name | Type | Required | Description |
|---|---|---|---|
| issues | Optional[List[Issue]] | No | Pre-existing list of issues (defaults to empty list) |
| issue | Issue | Yes (for add_issue) | Single Issue object to add to the collection |
Outputs
| Name | Type | Description |
|---|---|---|
| all_issues | List[Issue] | Flat list of all Issue objects in the collection |
| group_by_severity() returns | Dict[str, List[Issue]] | Dictionary mapping severity name strings ('CRITICAL', 'HIGH', 'MEDIUM', 'LOW') to lists of Issue objects at that severity |
Usage Examples
Group Issues by Severity After Scan
```python
from modelscan.modelscan import ModelScan

scanner = ModelScan()
scanner.scan("/path/to/model.pkl")

# Access the Issues collection
issues = scanner.issues

# Group by severity
by_severity = issues.group_by_severity()

# Check for critical issues
if "CRITICAL" in by_severity:
    print(f"CRITICAL issues: {len(by_severity['CRITICAL'])}")
    for issue in by_severity["CRITICAL"]:
        print(f"  {issue.details.module}.{issue.details.operator}")
```
Implement CI/CD Gate
```python
import sys

from modelscan.modelscan import ModelScan

scanner = ModelScan()
scanner.scan("/path/to/model.pkl")
by_severity = scanner.issues.group_by_severity()

# Fail pipeline if any CRITICAL or HIGH issues found
critical_count = len(by_severity.get("CRITICAL", []))
high_count = len(by_severity.get("HIGH", []))
if critical_count > 0 or high_count > 0:
    print(f"BLOCKED: {critical_count} critical, {high_count} high severity issues")
    # A non-zero exit status is what makes the CI job fail
    sys.exit(1)
```
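Added example, not part of modelscan or of the original page: a gate with a configurable threshold that generalizes the CRITICAL/HIGH check above by using the IssueSeverity ordering, blocks on severity names it does not recognise, and collapses repeated findings into one report line. `evaluate_gate`, `make_issue`, the local `IssueSeverity` mirror and `SAMPLE` are hypothetical names constructed for the example; in a pipeline, pass `scanner.issues.group_by_severity()` in place of `SAMPLE`.

```python
from collections import Counter
from enum import Enum
from types import SimpleNamespace


class IssueSeverity(Enum):
    # Local mirror of the values in the Signature section, so the example
    # runs without modelscan installed.
    LOW = 1
    MEDIUM = 2
    HIGH = 3
    CRITICAL = 4


def evaluate_gate(by_severity, threshold="HIGH"):
    """Hypothetical helper: return (blocked, report_lines) for a dict shaped
    like the output of Issues.group_by_severity()."""
    floor = IssueSeverity[threshold].value  # KeyError on a mistyped threshold
    blocked, report = False, []
    # Fail closed: a severity name this gate does not know must not pass silently.
    unknown = sorted(set(by_severity) - set(IssueSeverity.__members__))
    if unknown:
        blocked = True
        report.append(f"BLOCK unrecognised severity names: {unknown}")
    for sev in sorted(IssueSeverity, key=lambda s: s.value, reverse=True):
        found = by_severity.get(sev.name, [])
        gate = sev.value >= floor
        blocked = blocked or (gate and bool(found))
        # Collapse repeated findings of the same module.operator into one line.
        counts = Counter(f"{i.details.module}.{i.details.operator}" for i in found)
        for target, n in sorted(counts.items()):
            report.append(f"{'BLOCK' if gate else 'warn'} {sev.name} {target} x{n}")
    return blocked, report


def make_issue(module, operator):
    # Constructed stand-in exposing only the attributes the page reads.
    return SimpleNamespace(details=SimpleNamespace(module=module, operator=operator))


# Constructed sample; the severity assigned to each operator is made up.
SAMPLE = {
    "CRITICAL": [make_issue("posix", "system"), make_issue("posix", "system")],
    "MEDIUM": [make_issue("webbrowser", "open")],
}

if __name__ == "__main__":
    blocked, report = evaluate_gate(SAMPLE, threshold="HIGH")
    print("\n".join(report))
    raise SystemExit(1 if blocked else 0)
```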