I'm not so familiar with pickling and these scans. However, I wondered if maybe there are heuristics or signatures for certain types of pickle files that could be evaluated.
If you knew for example that a pickle file should be for a stable diffusion model, some properties could be examined that might help to verify a bit more.
If so, you could set up something like a /signatures directory and let people pull-request in definitions, then scan with scan -security -sig='signatures/typename'
This can be closed; I just wanted to pass the idea by in case it could be useful.