This highlights the critical need for Model Supply Chain scanning for Enterprises that adopt AI. Full disclosure, I am co-founder CEO of Javelin (www.getjavelin.com) and we ran your model through Javelin's Supply Chain Scanner (Palisade) and it immediately identified the errors:

uv run palisade --verbose scan-dir "models/bad_qwen3_sft_playwright_gguf_v2/" --format json Scanning directory: models/bad_qwen3_sft_playwright_gguf_v2 Recursive: False Policy: Default security policy

  Running ToolCallSecurityValidator (3.8s) - 1 critical warning found
  Detection Details:
  - Risk Score: 1.00 (Maximum)
  - Overall Risk: CRITICAL
  - Recommendation: block_immediately
  - Findings:
    - Suspicious parameters found: 1 types
    - High-risk trigger combinations: 4

   Detected Model behavioral backdoor (ToolCallSecurityValidator)
   Identified format string vulnerabilities (BufferOverflowValidator)
   Found injection indicators (ModelIntegrityValidator)
   Discovered tampering evidence (ModelIntegrityValidator)
   Located data exfiltration patterns(SupplyChainValidator)

▲ jalbrethsen 2 days ago | parent [-]

Author here, this looks very cool, I wasn't aware such tools existed already. The model I created for that blog was kind of a crude PoC, but it's encouraging that it at least can be detected. Do you mind giving a high level overview how Palisade works?

	▲	sharathr a day ago \| parent [-]
		Palisade works by utilizing dozens of specialized research backed security validators that work together to validate models across different formats (GGUF, SafeTensors, Pickle etc.,) and model families (BERT, Llama etc.,) for things like backdoor detection, supply chain vulnerabilities in the model files and model metadata. Any hidden embedded tool-calling logic can be activated by specific triggers which can be detected through a combination of static scan, schema analysis, trigger & instruction detection in models.