Skip to content

07. Security & Safety

Topic Status
Pipeline auth Local hf CLI credentials for upload
Secrets in git Not found; .env* ignored
browser-lab Open CORS; POST can write fixture JSON (local-dev)
Model class Classical NMT — no agent tools
Supply chain Pinned deps + uv.lock

Interview angle

Risk is mainly credential handling for Hub uploads and trusting published weights downstream — not runtime sandboxing.