Skip to main content

model-security scans

model-security scans list

List model security scans

airs model-security scans list [options]

Options

FlagRequiredDefaultDescription
--eval-outcome <outcome>NoFilter by eval outcome
--source-type <type>NoFilter by source type
--scan-origin <origin>NoFilter by scan origin
--search <query>NoSearch scans
--limit <n>No20Max results
--output <format>NoprettyOutput format: pretty, table, csv, json, yaml

Examples

List model security scans

airs model-security scans list
Model Security Scans:

7a7e1cdf-a6b1-4743-a5f2-a7bd96ec7bab
BLOCKED HUGGING_FACE 2026-03-03T22:32:12.344402Z
https://huggingface.co/microsoft/DialoGPT-medium
Rules: 10 passed 1 failed / 11 total
ee71b4da-64ce-4d6c-96fb-2bced1154a06
ALLOWED MODEL_SECURITY_SDK 2026-03-03T22:21:44.130386Z
/Users/cdot/models/qwen3-0.6b-saffron-merged
Rules: 6 passed 0 failed / 6 total

model-security scans get

Get scan details

airs model-security scans get [options] <uuid>

Arguments

  • uuid (required) —

Examples

Pretty output (default; no --output flag on this command). Re-run after scan completes to see final Outcome + rule counts.

airs model-security scans get 00000000-0000-0000-0000-000000000002
Prisma AIRS — Model Security
ML model supply chain security


Scan Detail:

UUID: 00000000-0000-0000-0000-000000000002
Outcome: BLOCKED
Model URI: https://huggingface.co/hf-internal-testing/tiny-random-bert
Origin: MODEL_SECURITY_SDK
Source: HUGGING_FACE
Group: group-docs-test
Created: 2026-05-26T10:22:18.284287Z
Updated: 2026-05-26T10:22:18.346345Z
Rules: 7 passed 4 failed / 11 total

model-security scans create

Create a model security scan

airs model-security scans create [options]

Options

FlagRequiredDefaultDescription
--config <path>YesJSON file with scan configuration

Examples

*Submit a Hugging Face model URI to be scanned by the AIRS backend. For HF URIs you provide model_uri + security_group_uuid + scan_origin only; the backend fetches and scans the model and the resulting outcome is available via scans get shortly after. See docs/cli/examples/model-security/scan-create.json. *

airs model-security scans create --config docs/cli/examples/model-security/scan-create.json
Prisma AIRS — Model Security
ML model supply chain security

Scan created: 00000000-0000-0000-0000-000000000002


Scan Detail:

UUID: 00000000-0000-0000-0000-000000000002
Outcome: PENDING
Model URI: https://huggingface.co/hf-internal-testing/tiny-random-bert
Origin: MODEL_SECURITY_SDK
Source: HUGGING_FACE
Group: group-docs-test
Created: 2026-05-26T10:22:18.284287Z
Updated: 2026-05-26T10:22:18.284287Z

model-security scans evaluations

List rule evaluations for a scan

airs model-security scans evaluations [options] <scanUuid>

Arguments

  • scanUuid (required) —

Options

FlagRequiredDefaultDescription
--limit <n>No20Max results

Examples

List rule evaluations for a scan (one row per rule the scan was checked against)

airs model-security scans evaluations 00000000-0000-0000-0000-000000000002
Prisma AIRS — Model Security
ML model supply chain security


Rule Evaluations:

00000000-0000-0000-0000-000000000004
License Exists FAILED BLOCKING
00000000-0000-0000-0000-000000000005
License Is Valid For Use FAILED BLOCKING
00000000-0000-0000-0000-000000000006
Model Is Blocked PASSED BLOCKING
00000000-0000-0000-0000-000000000007
Organization Is Blocked PASSED BLOCKING
00000000-0000-0000-0000-000000000008
Organization Verified By Hugging Face FAILED BLOCKING
00000000-0000-0000-0000-000000000009
Stored In Approved File Format FAILED BLOCKING
00000000-0000-0000-0000-00000000000a
Known Framework Operators Check PASSED ALLOWING
00000000-0000-0000-0000-00000000000b
Load Time Code Execution Check PASSED BLOCKING
00000000-0000-0000-0000-00000000000c
Model Architecture Backdoor Check PASSED BLOCKING
00000000-0000-0000-0000-00000000000d
Runtime Code Execution Check PASSED BLOCKING
00000000-0000-0000-0000-00000000000e
Suspicious Model Components Check PASSED BLOCKING

model-security scans evaluation

Get evaluation details

airs model-security scans evaluation [options] <uuid>

Arguments

  • uuid (required) —

Examples

Get details for a single rule evaluation (UUID from scans evaluations)

airs model-security scans evaluation 00000000-0000-0000-0000-000000000004
Prisma AIRS — Model Security
ML model supply chain security


Evaluation Detail:

UUID: 00000000-0000-0000-0000-000000000004
Rule: License Exists
Description: Models should have a license
Instance UUID: 00000000-0000-0000-0000-00000000000f
Instance State: BLOCKING
Result: FAILED
Violations: 1

model-security scans violations

List violations for a scan

airs model-security scans violations [options] <scanUuid>

Arguments

  • scanUuid (required) —

Options

FlagRequiredDefaultDescription
--limit <n>No20Max results

Examples

List violations for a scan

airs model-security scans violations 00000000-0000-0000-0000-000000000002
Prisma AIRS — Model Security
ML model supply chain security


Violations:

00000000-0000-0000-0000-000000000010
Organization Verified By Hugging Face
The org/model pair (**hf-internal-testing/tiny-random-bert**) is denied since it has not been explicitly approved
Threat:
00000000-0000-0000-0000-000000000011
License Exists
input data has a null license
Threat:
00000000-0000-0000-0000-000000000012
Stored In Approved File Format pytorch_model.bin
Model file `pytorch_model.bin` is stored in an unapproved format: **pytorch_v1_13**
Threat: UNAPPROVED_FORMATS
00000000-0000-0000-0000-000000000013
Stored In Approved File Format pytorch_model.bin
Model file `pytorch_model.bin` is stored in an unapproved format: **zip**
Threat: UNAPPROVED_FORMATS
00000000-0000-0000-0000-000000000014
Stored In Approved File Format tf_model.h5
Model file `tf_model.h5` is stored in an unapproved format: **keras_weights**
Threat: UNAPPROVED_FORMATS
00000000-0000-0000-0000-000000000015
Stored In Approved File Format vocab.txt
Model file `vocab.txt` is stored in an unapproved format: **openvino_bin**
Threat: UNAPPROVED_FORMATS
00000000-0000-0000-0000-000000000016
Stored In Approved File Format onnx/model.onnx
Model file `onnx/model.onnx` is stored in an unapproved format: **onnx**
Threat: UNAPPROVED_FORMATS
00000000-0000-0000-0000-000000000017
License Is Valid For Use
Invalid license: **null**
Threat:

model-security scans violation

Get violation details

airs model-security scans violation [options] <uuid>

Arguments

  • uuid (required) —

Examples

Get details for a single violation (UUID from scans violations)

airs model-security scans violation 00000000-0000-0000-0000-000000000010
Prisma AIRS — Model Security
ML model supply chain security


Violation Detail:

UUID: 00000000-0000-0000-0000-000000000010
Rule: Organization Verified By Hugging Face
Description: Organization that produced the model should be verified by Hugging Face
State: BLOCKING
File:
Threat:
Detail: The org/model pair (**hf-internal-testing/tiny-random-bert**) is denied since it has not been explicitly approved

model-security scans files

List scanned files

airs model-security scans files [options] <scanUuid>

Arguments

  • scanUuid (required) —

Options

FlagRequiredDefaultDescription
--type <type>NoFilter by file type
--result <result>NoFilter by result
--limit <n>No20Max results

Examples

List files the scanner processed (FAILED rows are the ones with violations)

airs model-security scans files 00000000-0000-0000-0000-000000000002
Prisma AIRS — Model Security
ML model supply chain security


Scanned Files:

SUCCESS FILE config.json [json]
SKIPPED FILE .gitattributes
SUCCESS FILE model.safetensors [safetensors]
SUCCESS DIRECTORY onnx
FAILED FILE pytorch_model.bin [zip, pytorch_v1_13]
SUCCESS FILE special_tokens_map.json [json]
FAILED FILE tf_model.h5 [keras_weights]
SUCCESS FILE tokenizer_config.json [json]
SUCCESS FILE tokenizer.json [json]
FAILED FILE vocab.txt [openvino_bin]