This is a comprehensive attack playbook covering the full spectrum of ML security risks, from pickle deserialization RCE in PyTorch model files to adversarial examples and federated learning poisoning. It walks through concrete exploits like backdooring Hugging Face models, crafting physical-world adversarial patches, and extracting black-box models via API queries. The skill includes actual attack code, detection signals for malicious models, and comparison tables for different threat vectors (FGSM vs PGD vs C&W, safetensors vs pickle formats). Use this when you need to assess ML system security beyond basic prompt injection, especially for supply chain risks in model downloads or when evaluating robustness against data poisoning and model extraction attacks.
npx skills add https://github.com/yaklang/hack-skills --skill ai-ml-security