BugTraceAI-CORE-Fast (7B)
A lightweight security engineering model from BugTraceAI, tuned for fast triage, payload review, scanning support, and concise remediation guidance across agentic web pentesting workflows.
Model Overview
| Field | Value |
|---|---|
| Organization | BugTraceAI |
| Framework | BugTraceAI agentic web pentesting framework |
| Variant | BugTraceAI-CORE-Fast |
| Parameter Scale | 7B |
| Architecture | Qwen2.5 Coder |
| Intended Domain | Application security and authorized security research |
| Primary Delivery Format | GGUF |
Intended Use
- Fast classification of web findings and scanner output.
- Short-form assistance for payload debugging in authorized test environments.
- Generating concise reproduction steps, notes, and developer-facing fixes.
Out-of-Scope Use
- Unsupervised offensive use against systems without authorization.
- Claims of exploit success without external validation.
- Long-form reporting when deep context or multi-step reasoning is required.
Training Data Summary
This model was tuned for security engineering workflows using a curated mix of public, security-focused material. The training mix is described at a high level below:
- Public vulnerability writeups and disclosed security reports used to improve structure, reasoning, and reporting quality.
- Security methodology material used to improve triage, reproduction planning, and remediation-oriented analysis.
- Domain examples covering common web application security patterns, defensive controls, and scanner-style findings.
The card intentionally describes the data at a summary level. It should not be read as a guarantee of exact coverage for any individual product, CVE, target stack, or technique.
Prompting Guidance
Recommended prompting style:
- State the environment and authorization context clearly.
- Provide concrete evidence: request, response, stack details, logs, code snippets, or scan output.
- Ask for one task at a time: triage, reproduction planning, impact analysis, remediation, or reporting.
Example tasks that fit this model:
- Summarize why this finding is likely valid and what evidence is missing.
- Rewrite this scanner output into a concise engineering ticket.
- Draft remediation steps for this authorization bug or input validation issue.
Ollama Example
FROM hf.co/BugTraceAI/BugTraceAI-CORE-Fast
SYSTEM """
You are BugTraceAI-CORE-Fast, a security engineering assistant for authorized testing,
triage, and remediation support. Prefer precise technical analysis, state assumptions,
and separate confirmed evidence from hypotheses.
"""
PARAMETER temperature 0.1
PARAMETER top_p 0.9
Create the local model with:
ollama create bugtrace-fast -f Modelfile
Strengths
- Low-latency responses for automation-heavy workflows.
- Strong fit for short prompts, CLI integration, and rapid iteration.
- Useful as a first-pass model before escalating to the Pro variant.
Limitations
- More likely to miss cross-step reasoning than the Pro model.
- May require external tools to validate security claims.
- Produces best results with tightly scoped prompts and explicit context.
Evaluation Status
This release is currently documented with qualitative positioning rather than a public benchmark suite. If you rely on the model for production workflows, validate it against your own prompt set, evidence format, and report quality bar.
Safety and Responsible Use
This model is intended for authorized security work, defensive research, education, and engineering support. Users are responsible for ensuring legal authorization, validating outputs, and applying human review before acting on model-generated analysis.
License
Apache-2.0.
- Downloads last month
- 575
We're not able to determine the quantization variants.