- Overview
- Getting Started
- Quick Start Guide
- Core Concepts
- Users
- Models
- Creating a Model
- Model Card
- Creating a Release
- Uploading Files
- Uploading Images
- Model Templating
- Data Cards
- Creating a Data Card
- Managing Data Cards
- Using a Model
- Browsing the Marketplace
- Requesting Access
- Using a Pushed Docker Image
- Downloading Files
- Reviews
- Understanding Reviews
- Reviewing
- Reviewing a Release
- Reviewing an Access Request
- Reviewing a Model Card Lifecycle
- Review Outcomes
- Security Scanning
- File Scanning
- Image Scanning
- Inferencing
- Creating an Inference Service
- Managing Inference Services
- Model Mirroring
- Creating a Mirrored Model
- Editing a Mirrored Model Card
- Untrusted Models
- Untrusted Models
- Deletion
- Deleting a File
- Deleting a Model
- Soft Deletion
- Programmatic Access
- Authentication
- Personal Access Tokens
- Python Client
- OpenAPI Reference
- Webhooks
- Administration
- Getting Started
- Deployment Architecture
- App Configuration
- Model Lifecycle Configuration
- Schemas
- Understanding Schemas
- Create a Schema
- Upload a Schema
- Schema Migrations
- Review Roles
- Managing Review Roles
- Assigning Roles to Schemas
- Federation
- Peer Integration
- Microservices
- Artefact Scanners
- Helm
- Basic Usage
- Configuration
- Isolated Environments
- Migrations
- Bailo v0.4
- Bailo v2.0
- DataBase Scripts
- Reference
- Glossary
- Roles & Permissions
- Troubleshooting & FAQ
Artefact Scanners
Common questions this page answers:
- What scanners does Bailo use?
- How do I configure artefact scanning?
- What is the ArtefactScan service?
Within Bailo, it is possible to optionally deploy artefact scanners which are designed to help manage any potential risk of artefacts being uploaded with potentially malicious contents.
The scanners currently supported by Bailo are:
- ClamAV - traditional antivirus scanning for uploaded files
- ArtefactScan - Bailo scanning service that orchestrates multiple scanners
ClamAV
ClamAV provides traditional antivirus malware detection for uploaded files.
- Uses the official ClamAV Docker image
- Integrated via a custom connector
- Communicates using
clamscan
ClamAV® is an open-source antivirus engine for detecting trojans, viruses, malware & other malicious threats.
ArtefactScan (Service)
ArtefactScan is an umbrella scanning service within Bailo.
- Provides a single REST API for scanning
- Routes artefacts to the appropriate scanner based on artefact type
- Keeps scanner implementations explicit and interchangeable
- Normalises scan orchestration (not scan results)
Scanners exposed via ArtefactScan:
- ModelScan (
/scan/file) - Trivy (
/scan/image)
ModelScan
ModelScan is used to analyse uploaded model artefacts for unsafe or malicious content.
- Provided via the ArtefactScan REST API
- Integrated using a custom connector
- Scans files such as Pickle, H5, and SavedModel formats
ModelScan is an open source project from Protect AI that scans models to determine if they contain unsafe code. It is the first model scanning tool to support multiple model formats. ModelScan currently supports: H5, Pickle, and SavedModel formats. This protects you when using PyTorch, TensorFlow, Keras, Sklearn, XGBoost, with more on the way.
Trivy
Trivy is used to analyse container image layers for known vulnerabilities and to generate SBOMs.
- Provided via the ArtefactScan REST API
- Integrated using a custom connector
- Scans uploaded image layer tarballs (overlay filesystems)
- Uses a locally cached Trivy vulnerability database
Trivy is an open-source vulnerability scanner from Aqua Security for containers and other artefacts.
Minimal configuration
Configure scanner settings in the backend application configuration. These settings will apply to all scanners.
- connectors.artefactScanners.kinds - List of enabled artefact scanner kinds. Default:
[] - connectors.artefactScanners.retryDelayInMinutes - Minutes between repeated scans of the same artefact. Default:
60. - connectors.artefactScanners.maxInitRetries - Number of startup connection attempts before failing. Default:
5 - connectors.artefactScanners.initRetryDelay - Delay between successive startup pings (milliseconds). Default:
5000. - connectors.artefactScanners.scanTimeoutMs - Number of milliseconds waited before a scan times out. Default:
60000.
Enabling or disabling specific scanners is handled via connector configuration and deployed microservices.
Copyright © Crown Copyright 2026.
