AIAny
AI API2023
Icon for item

Magika

Detects file content types with a compact deep‑learning model that runs in milliseconds on a single CPU. Trained on ~100M samples across 200+ content types; offered as a Rust CLI plus Python, JS, and Go bindings for large‑scale security and file‑routing use.

Introduction

Why this matters

File type identification is a ubiquitous preprocessing step for security scanners, malware analysis, and content policy pipelines — yet traditional heuristics or magic‑byte approaches struggle with ambiguous, truncated, or textual formats. Magika flips the problem: a small, optimized neural model trained on ~100M samples provides robust content‑type signals fast enough to run at scale, enabling more accurate routing and downstream scanning decisions.

What Sets It Apart
  • Compact, inference‑first model: the core model weighs only a few megabytes, so loading and serving it is lightweight; after loading, per‑file inference is on the order of ~5 ms on a single CPU, making it practical for batch and stream processing. This means reduced CPU cost compared with large model approaches while still yielding high accuracy.
  • Broad and practical coverage: trained and evaluated across 200+ content types (binary and textual), achieving ~99% average precision/recall on the authors' test set. The project uses per‑content‑type confidence thresholds to return either a precise label or a safe generic label when confidence is low.
  • Production usage and integrations: designed for operational security pipelines — reported uses include routing files in Gmail, Drive, and Safe Browsing, and integrations with VirusTotal and abuse.ch. The repo exposes a Rust CLI and libraries/bindings (Python, JavaScript/TypeScript, and a WIP Go binding), letting teams embed the detector in diverse environments.
Who it's for — and tradeoffs

Great fit if you need a fast, on‑prem or privacy‑respecting content detector for security or ingestion pipelines, especially where network calls or heavyweight models are undesirable. It’s also suitable for integration into CI, malware triage, or bulk file processing systems. Look elsewhere if you require human‑readable file content extraction, full format parsing, or canonicalization (Magika classifies content type but does not replace full parsers). Also evaluate if your use case demands open datasets or models with different licensing needs; the client and bindings are open source under Apache 2.0, but the project notes it is not an "official Google product."

Where It Fits

Magika sits between lightweight signature/extension heuristics and heavyweight content parsers: it provides a fast, learned signal that improves routing and triage accuracy without incurring large inference costs or complex deployment overhead.

Implementation notes (high level)

The public repo exposes a command‑line tool (Rust) and language bindings. The model design emphasizes sampling a limited subset of file bytes and text features to keep inference near‑constant regardless of file size. The project also ships model metadata (per‑type thresholds and labels) so integrators can tune confidence modes (high‑confidence, medium‑confidence, best‑guess) for different risk profiles.

Information

  • Websitegithub.com
  • AuthorsGoogle Security Research
  • Published date2023/08/22

Categories

More Items

GitHub

Runs a self-hosted meeting bot and transcription API that joins Google Meet, Teams and Zoom and streams speaker-attributed transcripts in real time. Compiles meetings into a git-backed Markdown workspace and runs sandboxed agents on your infrastructure; Apache-2.0 and air-gap capable.

GitHub
AI API2020

Typed Python client for the OpenAI REST API that offers synchronous and asynchronous clients, typed request/response models, streaming and Realtime support, webhook verification, and integrations for Azure and Amazon Bedrock—built for production integrations and automation.

GitHub

Exposes a self-hosted WhatsApp HTTP/REST API that runs a real WhatsApp Web instance so apps and AI agents can read/send messages, manage contacts, and automate flows. Offers three engine modes (WEBJS, NOWEB, GOWS), Docker images, and MCP support; relies on WhatsApp Web so blocking risk exists.