{"id":13456719,"url":"https://github.com/google/magika","last_synced_at":"2026-02-25T12:29:01.356Z","repository":{"id":222728423,"uuid":"681566005","full_name":"google/magika","owner":"google","description":"Fast and accurate AI powered file content types detection ","archived":false,"fork":false,"pushed_at":"2026-02-11T22:30:07.000Z","size":85691,"stargazers_count":10104,"open_issues_count":123,"forks_count":490,"subscribers_count":41,"default_branch":"main","last_synced_at":"2026-02-11T23:55:35.883Z","etag":null,"topics":["ai","deep-learning","filetype","keras-classification-models","keras-models","mime-types","onnx"],"latest_commit_sha":null,"homepage":"https://securityresearch.google/magika/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-08-22T09:36:55.000Z","updated_at":"2026-02-11T15:32:08.000Z","dependencies_parsed_at":"2024-02-15T22:31:53.586Z","dependency_job_id":"bf2d2665-370c-4360-a8c7-6327e9c8d1ae","html_url":"https://github.com/google/magika","commit_stats":null,"previous_names":["google/magika"],"tags_count":40,"template":false,"template_full_name":null,"purl":"pkg:github/google/magika","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fmagika","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fmagika/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fmagika/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fmagika/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/magika/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fmagika/sbom","scorecard":{"id":1238803,"data":{"date":"2025-10-14T22:53:07Z","repo":{"name":"github.com/google/magika","commit":"8574b8f5deac7e3b0a1b4790f6b9d7aef6f4b6e6"},"scorecard":{"version":"v5.3.0","commit":"c22063e786c11f9dd714d777a687ff7c4599b600"},"score":6.5,"checks":[{"name":"Code-Review","score":6,"reason":"Found 7/11 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#code-review"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dependency-update-tool"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":3,"reason":"binaries present in source code","details":["Warn: binary detected: tests_data/mitra/elf/elf.elf:1","Warn: binary detected: tests_data/mitra/elf/elf64.elf:1","Warn: binary detected: tests_data/mitra/iso/iso.iso:1","Warn: binary detected: tests_data/mitra/javabytecode/java.class:1","Warn: binary detected: tests_data/mitra/pebin/pe32.exe:1","Warn: binary detected: tests_data/mitra/pebin/pe64.exe:1","Warn: binary detected: tests_data/mitra_candidates/wasm.wasm:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:40","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:41","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/js-docs-builder.yml:20","Warn: topLevel 'contents' permission set to 'write': .github/workflows/cli-latest.yml:14","Warn: topLevel 'contents' permission set to 'write': .github/workflows/cli-release.yml:20","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:23","Info: topLevel 'contents' permission set to 'read': .github/workflows/docs-check.yml:20","Info: topLevel 'contents' permission set to 'read': .github/workflows/github-issue-labeler.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/github-pages.yml:15","Warn: no topLevel permission defined: .github/workflows/js-check-import-scenarios.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/js-docs-builder.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/js-publish.yml:5","Info: topLevel 'contents' permission set to 'read': .github/workflows/js-test.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/python-build-package.yml:21","Info: topLevel 'contents' permission set to 'read': .github/workflows/python-test-published-package.yml:17","Info: topLevel 'contents' permission set to 'read': .github/workflows/python-test-published-rc-package.yml:17","Info: topLevel 'contents' permission set to 'read': .github/workflows/python-test-suite.yml:16","Info: topLevel 'contents' permission set to 'read': .github/workflows/rust-test.yml:16","Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/website-test.yml:15"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: Passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#cii-best-practices"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact cli/v1.0.1 not signed: https://api.github.com/repos/google/magika/releases/253654538","Warn: release artifact cli/v1.0.0 not signed: https://api.github.com/repos/google/magika/releases/246785846","Warn: release artifact cli/v0.1.4 not signed: https://api.github.com/repos/google/magika/releases/246191295","Warn: release artifact cli/v0.1.3 not signed: https://api.github.com/repos/google/magika/releases/246185458","Warn: release artifact cli-latest not signed: https://api.github.com/repos/google/magika/releases/253654666","Warn: release artifact cli/v1.0.1 does not have provenance: https://api.github.com/repos/google/magika/releases/253654538","Warn: release artifact cli/v1.0.0 does not have provenance: https://api.github.com/repos/google/magika/releases/246785846","Warn: release artifact cli/v0.1.4 does not have provenance: https://api.github.com/repos/google/magika/releases/246191295","Warn: release artifact cli/v0.1.3 does not have provenance: https://api.github.com/repos/google/magika/releases/246185458","Warn: release artifact cli-latest does not have provenance: https://api.github.com/repos/google/magika/releases/253654666"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Info: Possibly incomplete results: error parsing shell code: invalid parameter name: .github/workflows/cli-release.yml:82","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:240: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:247: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:260: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-release.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/cli-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-build-package.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/google/magika/python-build-package.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:4: pin your Docker image by updating python:3.11-slim to python:3.11-slim@sha256:ff8533f48e12b705fc20d339fde2ec61d0b234dd9366bab3bc84d7b70a45c8c0","Warn: containerImage not pinned by hash: go/docker/Dockerfile:11: pin your Docker image by updating golang:latest to golang:latest@sha256:c0bf2bc2f8e5720aa2e83e45d2085edbf2ad085e2d1a195bb6c3c402350fe661","Warn: containerImage not pinned by hash: go/docker/Dockerfile:55: pin your Docker image by updating debian:latest to debian:latest@sha256:fd8f5a1df07b5195613e4b9a0b6a947d3772a151b81975db27d47f093f60c6e6","Warn: containerImage not pinned by hash: tests_data/basic/dockerfile/Dockerfile:4: pin your Docker image by updating python:3.11-slim to python:3.11-slim@sha256:ff8533f48e12b705fc20d339fde2ec61d0b234dd9366bab3bc84d7b70a45c8c0","Warn: pipCommand not pinned by hash: Dockerfile:12","Warn: pipCommand not pinned by hash: tests_data/basic/dockerfile/Dockerfile:12","Warn: pipCommand not pinned by hash: rust/onnx/build.sh:30","Warn: downloadThenRun not pinned by hash: .github/workflows/cli-release.yml:71","Warn: downloadThenRun not pinned by hash: .github/workflows/cli-release.yml:130","Warn: downloadThenRun not pinned by hash: .github/workflows/docs-check.yml:30","Warn: downloadThenRun not pinned by hash: .github/workflows/python-build-package.yml:179","Warn: pipCommand not pinned by hash: .github/workflows/python-build-package.yml:200","Warn: downloadThenRun not pinned by hash: .github/workflows/python-build-package.yml:239","Warn: pipCommand not pinned by hash: .github/workflows/python-build-package.yml:260","Warn: downloadThenRun not pinned by hash: .github/workflows/python-build-package.yml:43","Warn: downloadThenRun not pinned by hash: .github/workflows/python-build-package.yml:100","Warn: pipCommand not pinned by hash: .github/workflows/python-build-package.yml:121","Warn: downloadThenRun not pinned by hash: .github/workflows/python-build-package.yml:134","Warn: downloadThenRun not pinned by hash: .github/workflows/python-test-published-package.yml:36","Warn: pipCommand not pinned by hash: .github/workflows/python-test-published-package.yml:52","Warn: downloadThenRun not pinned by hash: .github/workflows/python-test-published-rc-package.yml:35","Warn: pipCommand not pinned by hash: .github/workflows/python-test-published-rc-package.yml:51","Warn: downloadThenRun not pinned by hash: .github/workflows/python-test-suite.yml:35","Info:  39 out of  67 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   3 third-party GitHubAction dependencies pinned","Info:   0 out of   4 containerImage dependencies pinned","Info:   0 out of   8 pipCommand dependencies pinned","Info:   0 out of  11 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#sast"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: TypeScriptPropertyBasedTesting integration found: js/test/magika.test.ts:27","Info: TypeScriptPropertyBasedTesting integration found: js/test/magika.test.ts:27"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":4,"reason":"6 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx","Warn: Project is vulnerable to: GHSA-5ff5-9fcw-vg88"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#vulnerabilities"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: 'last push approval' is required to merge on branch 'main'","Info: 'up-to-date branches' is required to merge on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/google/.github/SECURITY.md:1","Info: Found linked content: github.com/google/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/google/.github/SECURITY.md:1","Info: Found text in security policy: github.com/google/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#security-policy"}},{"name":"CI-Tests","score":10,"reason":"12 out of 12 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#ci-tests"}},{"name":"Contributors","score":10,"reason":"project has 35 contributing companies or organizations","details":["Info: found contributions from: Bauddhik-Geeks, CURAJ-Open-Source-Community, CommunityPro, Design-and-Code, DevLeonardoCommunity, Devs-Dungeon, EquiCode, FearlessTech, Huniko-Team, LearnWithCommunity, Magic-Academy, NextCommunity, PriyanshOrg, Py-Contributors, Th3-Shield, WebXDAO, chryz-hub, cloudcommunity, dev-protocol, endock, gofiber, google, googlers, infraform, jazzband, keras-team, madewithai, nextdhcp, o-o-overflow, recodehive, risk-first, sefcom, serge-chat, tensorflow, ubeacsec"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#contributors"}}]},"last_synced_at":"2025-10-15T06:21:19.388Z","repository_id":222728423,"created_at":"2025-10-15T06:21:19.388Z","updated_at":"2025-10-15T06:21:19.388Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29655308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-20T09:27:29.698Z","status":"ssl_error","status_checked_at":"2026-02-20T09:26:12.373Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","deep-learning","filetype","keras-classification-models","keras-models","mime-types","onnx"],"created_at":"2024-07-31T08:01:26.600Z","updated_at":"2026-02-25T12:29:01.351Z","avatar_url":"https://github.com/google.png","language":"Python","funding_links":[],"categories":["Rust","Python","Blue Team","Repos"],"sub_categories":["Forensics"],"readme":"# Magika\n\n[![image](https://img.shields.io/pypi/v/magika.svg)](https://pypi.python.org/pypi/magika)\n[![NPM Version](https://img.shields.io/npm/v/magika)](https://npmjs.com/package/magika)\n[![image](https://img.shields.io/pypi/l/magika.svg)](https://pypi.python.org/pypi/magika)\n[![image](https://img.shields.io/pypi/pyversions/magika.svg)](https://pypi.python.org/pypi/magika)\n[![Go Version](https://img.shields.io/github/v/tag/google/magika?filter=go%2F*\u0026label=go\u0026sort=semver)](https://pkg.go.dev/github.com/google/magika/go)\n\u003c!-- [![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/google/magika/badge)](https://scorecard.dev/viewer/?uri=github.com/google/magika) --\u003e\n[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/8706/badge)](https://www.bestpractices.dev/en/projects/8706)\n![CodeQL](https://github.com/google/magika/workflows/CodeQL/badge.svg)\n[![Actions status](https://github.com/google/magika/actions/workflows/python-build-and-release-package.yml/badge.svg)](https://github.com/google/magika/actions)\n[![PyPI Monthly Downloads](https://static.pepy.tech/badge/magika/month)](https://pepy.tech/projects/magika)\n[![PyPI Downloads](https://static.pepy.tech/badge/magika)](https://pepy.tech/projects/magika)\n\nMagika is a novel AI-powered file type detection tool that relies on the recent advance of deep learning to provide accurate detection. Under the hood, Magika employs a custom, highly optimized model that only weighs about a few MBs, and enables precise file identification within milliseconds, even when running on a single CPU. Magika has been trained and evaluated on a dataset of ~100M samples across 200+ content types (covering both binary and textual file formats), and it achieves an average ~99% accuracy on our test set.\n\nHere is an example of what Magika command line output looks like:\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"./assets/magika-screenshot.png\" width=\"600\"\u003e\n\u003c/p\u003e\n\nMagika is used at scale to help improve Google users' safety by routing Gmail, Drive, and Safe Browsing files to the proper security and content policy scanners, processing hundreds billions samples on a weekly basis. Magika has also been integrated with [VirusTotal](https://www.virustotal.com/) ([example](./assets/magika-vt.png)) and [abuse.ch](https://bazaar.abuse.ch/) ([example](./assets/magika-abusech.png)).\n\nFor more context you can read our initial [announcement post on Google's OSS blog](https://opensource.googleblog.com/2024/02/magika-ai-powered-fast-and-efficient-file-type-identification.html), you can consult [Magika's website](https://securityresearch.google/magika/), and you can read more in our [research paper](https://securityresearch.google/magika/additional-resources/research-papers-and-citation/), published at the IEEE/ACM International Conference on Software Engineering (ICSE) 2025.\n\nYou can try Magika without installing anything by using our [web demo](https://securityresearch.google/magika/demo/magika-demo/), which runs locally in your browser!\n\n\n# Highlights\n\n- Available as a command line tool written in Rust, a Python API, and additional bindings for Rust, JavaScript/TypeScript (with an experimental npm package, which powers our [web demo](https://securityresearch.google/magika/demo/magika-demo/)), and GoLang (WIP).\n- Trained and evaluated on a dataset of ~100M files across [200+ content types](./assets/models/standard_v3_3/README.md).\n- On our test set, Magika achieves ~99% average precision and recall, outperforming existing approaches -- especially on textual content types.\n- After the model is loaded (which is a one-off overhead), the inference time is about 5ms per file, even when run on a single CPU.\n- You can invoke Magika with even thousands of files at the same time. You can also use `-r` for recursively scanning a directory.\n- Near-constant inference time, independently from the file size; Magika only uses a limited subset of the file's content.\n- Magika uses a per-content-type threshold system that determines whether to \"trust\" the prediction for the model, or whether to return a generic label, such as \"Generic text document\" or \"Unknown binary data\".\n- The tolerance to errors can be controlled via different prediction modes, such as `high-confidence`, `medium-confidence`, and `best-guess`.\n- The client and the bindings are already open source, and more is coming soon!\n\n# Table of Contents\n\n1. [Getting Started](#getting-started)\n   1. [Installation](#installation)\n   1. [Quick Start](#quick-start)\n1. [Documentation](#documentation)\n1. [Security Vulnerabilities](#security-vulnerabilities)\n1. [License](#license)\n1. [Disclaimer](#disclaimer)\n\n# Getting Started\n\n## Installation\n\n### Command Line Tool\n\nMagika ships a CLI written in Rust, and can be installed in several ways.\n\nVia `magika` python package:\n```shell\npipx install magika\n```\n\nVia brew (macOS / Linux)\n```shell\nbrew install magika\n```\n\nVia installer script:\n```shell\ncurl -LsSf https://securityresearch.google/magika/install.sh | sh\n```\n\nor\n\n```shell\npowershell -ExecutionPolicy Bypass -c \"irm https://securityresearch.google/magika/install.ps1 | iex\"\n```\n\n\n### Python package\n\n```shell\npip install magika\n```\n\n### JavaScript package\n\n```shell\nnpm install magika\n```\n\n\n## Quick Start\n\nHere you can find a number of quick examples just to get you started.\n\nTo learn about Magika's inner workings, see the [Core Concepts](https://securityresearch.google/magika/core-concepts/) section of Magika's website.\n\n### Command Line Tool Examples\n\n```shell\n% cd tests_data/basic \u0026\u0026 magika -r * | head\nasm/code.asm: Assembly (code)\nbatch/simple.bat: DOS batch file (code)\nc/code.c: C source (code)\ncss/code.css: CSS source (code)\ncsv/magika_test.csv: CSV document (code)\ndockerfile/Dockerfile: Dockerfile (code)\ndocx/doc.docx: Microsoft Word 2007+ document (document)\ndocx/magika_test.docx: Microsoft Word 2007+ document (document)\neml/sample.eml: RFC 822 mail (text)\nempty/empty_file: Empty file (inode)\n```\n\n```shell\n% magika ./tests_data/basic/python/code.py --json\n[\n  {\n    \"path\": \"./tests_data/basic/python/code.py\",\n    \"result\": {\n      \"status\": \"ok\",\n      \"value\": {\n        \"dl\": {\n          \"description\": \"Python source\",\n          \"extensions\": [\n            \"py\",\n            \"pyi\"\n          ],\n          \"group\": \"code\",\n          \"is_text\": true,\n          \"label\": \"python\",\n          \"mime_type\": \"text/x-python\"\n        },\n        \"output\": {\n          \"description\": \"Python source\",\n          \"extensions\": [\n            \"py\",\n            \"pyi\"\n          ],\n          \"group\": \"code\",\n          \"is_text\": true,\n          \"label\": \"python\",\n          \"mime_type\": \"text/x-python\"\n        },\n        \"score\": 0.996999979019165\n      }\n    }\n  }\n]\n```\n\n```shell\n% cat tests_data/basic/ini/doc.ini | magika -\n-: INI configuration file (text)\n```\n\n```shell\n% magika --help\nDetermines file content types using AI\n\nUsage: magika [OPTIONS] [PATH]...\n\nArguments:\n  [PATH]...\n          List of paths to the files to analyze.\n\n          Use a dash (-) to read from standard input (can only be used once).\n\nOptions:\n  -r, --recursive\n          Identifies files within directories instead of identifying the directory itself\n\n      --no-dereference\n          Identifies symbolic links as is instead of identifying their content by following them\n\n      --colors\n          Prints with colors regardless of terminal support\n\n      --no-colors\n          Prints without colors regardless of terminal support\n\n  -s, --output-score\n          Prints the prediction score in addition to the content type\n\n  -i, --mime-type\n          Prints the MIME type instead of the content type description\n\n  -l, --label\n          Prints a simple label instead of the content type description\n\n      --json\n          Prints in JSON format\n\n      --jsonl\n          Prints in JSONL format\n\n      --format \u003cCUSTOM\u003e\n          Prints using a custom format (use --help for details).\n\n          The following placeholders are supported:\n\n            %p  The file path\n            %l  The unique label identifying the content type\n            %d  The description of the content type\n            %g  The group of the content type\n            %m  The MIME type of the content type\n            %e  Possible file extensions for the content type\n            %s  The score of the content type for the file\n            %S  The score of the content type for the file in percent\n            %b  The model output if overruled (empty otherwise)\n            %%  A literal %\n\n  -h, --help\n          Print help (see a summary with '-h')\n\n  -V, --version\n          Print version\n```\n\nFor more examples and documentation about the CLI, see https://crates.io/crates/magika-cli.\n\n\n### Python Examples\n\n```python\n\u003e\u003e\u003e from magika import Magika\n\u003e\u003e\u003e m = Magika()\n\u003e\u003e\u003e res = m.identify_bytes(b'function log(msg) {console.log(msg);}')\n\u003e\u003e\u003e print(res.output.label)\njavascript\n```\n\n```python\n\u003e\u003e\u003e from magika import Magika\n\u003e\u003e\u003e m = Magika()\n\u003e\u003e\u003e res = m.identify_path('./tests_data/basic/ini/doc.ini')\n\u003e\u003e\u003e print(res.output.label)\nini\n```\n\n```python\n\u003e\u003e\u003e from magika import Magika\n\u003e\u003e\u003e m = Magika()\n\u003e\u003e\u003e with open('./tests_data/basic/ini/doc.ini', 'rb') as f:\n\u003e\u003e\u003e     res = m.identify_stream(f)\n\u003e\u003e\u003e print(res.output.label)\nini\n```\n\nFor more examples and documentation about the Python module, see the [Python `Magika` module](https://securityresearch.google/magika/cli-and-bindings/python/) section.\n\n\n# Documentation\n\nPlease consult [Magika's website](https://securityresearch.google/magika) for detailed documentation about:\n- Core Concepts\n  - How Magika works\n  - Models \u0026 content types\n  - Prediction modes\n  - Understanding the output\n- CLI \u0026 Bindings (Python module, JavaScript module, ...)\n- Contributing\n- FAQ\n- ...\n\n\n# Security Vulnerabilities\n\nPlease contact us directly at magika-dev@google.com.\n\n\n# License\n\nApache 2.0; see [`LICENSE`](LICENSE) for details.\n\n\n# Disclaimer\n\nThis project is not an official Google project. It is not supported by\nGoogle and Google specifically disclaims all warranties as to its quality,\nmerchantability, or fitness for a particular purpose.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fmagika","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoogle%2Fmagika","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fmagika/lists"}