LLMScan — Frequently Asked Questions

What file formats do you support?

GGUF and ONNX today. Safetensors is planned.

What risks are detected?

We perform static checks (headers, sizes, hashes) and correlate with known CVEs where applicable. We flag suspicious patterns (e.g., unsafe external data in ONNX) but we don’t claim exploitability without further validation.

Do you upload files to your servers?

Yes, for processing the scan — but only temporarily. See Security & Privacy for retention and isolation details.

How long do you retain files?

Files are deleted automatically within 24 hours (or sooner) after scanning. Operational logs exclude model contents.

Mobile models?

Supported if you can provide the raw model file (e.g., extracted from device or build artifacts).

How is this different from jailbreak/endpoint testing?

LLMScan analyzes the file (GGUF/ONNX), not the model’s conversational behaviour behind an API endpoint.

Can I run it locally?

A CLI/on-prem agent is on our roadmap.

Limitations

Static scanning can’t guarantee absence of risk. Treat results as a security signal, not a formal audit.

False positives / contact

Report issues via contact@llmscan.online.