From f290a6bb5acbddaa3c12789994d9bb4ce9f1c054 Mon Sep 17 00:00:00 2001
From: Tsunami Team <tsunami-dev@google.com>
Date: Thu, 29 Feb 2024 09:13:35 -0800
Subject: [PATCH] Internal

PiperOrigin-RevId: 611493596
Change-Id: I9a71ea02dbb47a33d145fae654b908c2d9446052
---
 .../detectors/exposedui/pytorch_serve/README.md   | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

diff --git a/google/detectors/exposedui/pytorch_serve/README.md b/google/detectors/exposedui/pytorch_serve/README.md
index 4c8ee8deb..e7228b39d 100644
--- a/google/detectors/exposedui/pytorch_serve/README.md
+++ b/google/detectors/exposedui/pytorch_serve/README.md
@@ -1,15 +1,8 @@
-# Example VulnDetector utilizing the payload generation framework
+# Exposed Pytorch Serve Notebook Detector
 
-This is an example implementation of a `VulnDetector` plugin for Tsunami that
-uses Tsunami's optional payload generation framework. This framework is designed
-to automatically select the best payload for a detector, taking out the
-guesswork when writing a new detector and reducing false positives. If
-configured, the framework will automatically utilize the
-[Tsunami Callback Server](https://github.com/google/tsunami-security-scanner-callback-server),
-which helps further validate findings.
-
-Detectors targeting remote code executions (RCE) and server-side request forgery
-(SSRF) vulnerabilities are ideal candidates for using the payload framework.
+This detector checks whether a Pytorch Serve API is exposed.
+Pytorch Serve API allows a request to upload arbitrary models.
+Having it exposed puts the hosting VM at risk of RCE.
 
 ## Build jar file for this plugin