security-slm-unsloth-1.5b — Edge-Deployable Security Reasoning Model

Developed by: Nguuma
License: Apache-2.0
Base model: unsloth/deepseek-r1-distill-qwen-1.5b-unsloth-bnb-4bit
Quantized format: GGUF Q4_K_M (~1.2 GB RAM at inference)

A security-focused small language model that thinks before it answers — fine-tuned for AI-native Blue/Red team operations, deployable on a 4 GB RAM machine with no GPU required.

Trained 2x faster with Unsloth


Quickstart — Copy & Run

# pip install llama-cpp-python huggingface_hub
from huggingface_hub import hf_hub_download
from llama_cpp import Llama

# Download the fine-tuned GGUF from HuggingFace (~1.2 GB, one-time)
model_path = hf_hub_download(
    repo_id="Nguuma/security-slm-unsloth-1.5b",
    filename="security-slm-finetuned-deepseek-r1-distill-qwen-1.5b.Q4_K_M.gguf",
    local_dir="./models",
)

# Load — runs on CPU, no GPU required
llm = Llama(
    model_path=model_path,
    n_ctx=2048,
    n_threads=4,   # adjust to your CPU core count
    verbose=False,
)

# Ask a security question
response = llm.create_chat_completion(
    messages=[
        {
            "role": "system",
            "content": "You are a Cybersecurity assistant with Blue and Red team security reasoning. Think step by step before answering.",
        },
        {
            "role": "user",
            "content": 'An AI agent received this tool-call response: {"file": "../../../../etc/passwd"}. Is this a path traversal attack? What should the agent do?',
        },
    ],
    max_tokens=512,
    temperature=0.7,
    top_p=0.9,
)

print(response["choices"][0]["message"]["content"])

Prefer Ollama? One command: ollama run hf.co/Nguuma/security-slm-unsloth-1.5b


Why security-slm-unsloth-1.5b?

Most security-aware LLMs require cloud APIs, expose sensitive queries to third parties, and run on expensive hardware. security-slm-unsloth-1.5b runs entirely offline on commodity hardware — a reasoning-capable SLM purpose-built for the 2026 AI threat landscape, covering attack classes that general-purpose models have no training signal for: MCP tool poisoning, agentic lateral movement, Crescendo jailbreaks, and LLM-assisted SSRF.


Model Description

security-slm-unsloth-1.5b is a fine-tuned version of DeepSeek-R1-Distill-Qwen-1.5B, specialised in cybersecurity reasoning across offensive and defensive contexts. It preserves the base model's chain-of-thought (<think>) reasoning behaviour and redirects it toward security-domain problems: threat analysis, attack simulation, detection logic, and AI-specific attack patterns emerging in 2025–2026.

Property Value
Base architecture Qwen2 / DeepSeek-R1-Distill
Parameters 1.5B
Training dataset curated security samples
Training epochs 2
Final training loss 2.66
Eval score (pre-fine-tune) 2.2 / 10
Eval score (post-fine-tune) 6.0 / 10
Improvement +173%
Think-block activation rate 100%
GGUF RAM footprint ~1.2 GB (Q4_K_M)
LoRA rank r=16
LoRA target modules q_proj, k_proj, v_proj, o_proj, gate_proj, up_proj, down_proj

Files in This Repository

File Description
*.gguf Q4_K_M quantized model — use with Ollama or llama.cpp
adapter_model.safetensors LoRA adapter weights (~30MB) — use with Transformers + PEFT
adapter_config.json LoRA configuration
tokenizer* Tokenizer files

Quickstart

Ollama (recommended — one command)

ollama run hf.co/Nguuma/security-slm-unsloth-1.5b

Or pull first then run:

ollama pull hf.co/Nguuma/security-slm-unsloth-1.5b
ollama run hf.co/Nguuma/security-slm-unsloth-1.5b

Ollama with custom Modelfile

Save this as Modelfile, then run ollama create security-slm -f Modelfile && ollama run security-slm:

FROM hf.co/Nguuma/security-slm-unsloth-1.5b

SYSTEM """You are a Cybersecurity assistant with Blue and Red team security reasoning. Think step by step before answering."""

PARAMETER temperature 0.7
PARAMETER top_p 0.9
PARAMETER num_predict 512
PARAMETER num_ctx 2048

llama.cpp

# Download the GGUF
huggingface-cli download Nguuma/security-slm-unsloth-1.5b --include "*.gguf" --local-dir ./

# Run
./llama-cli -m security-slm-finetuned-deepseek-r1-distill-qwen-1.5b.Q4_K_M.gguf \
  --prompt "Analyse this log entry for signs of prompt injection: ..." \
  -n 512

Transformers + PEFT (LoRA adapter)

from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel

# The base checkpoint is a bitsandbytes 4-bit model, so the `bitsandbytes`
# package must be installed (4-bit loading normally targets a CUDA GPU;
# the GGUF route above is the CPU-only option).
base = AutoModelForCausalLM.from_pretrained(
    "unsloth/deepseek-r1-distill-qwen-1.5b-unsloth-bnb-4bit"
)
# Attach this repository's LoRA adapter on top of the frozen base weights
model = PeftModel.from_pretrained(base, "Nguuma/security-slm-unsloth-1.5b")
tokenizer = AutoTokenizer.from_pretrained("Nguuma/security-slm-unsloth-1.5b")

Prompt Format

This model uses the ChatML format. Always include a system prompt and open the assistant turn with <think> to trigger chain-of-thought reasoning:

<|im_start|>system
You are a Cybersecurity assistant with Blue and Red team security reasoning. Think step by step before answering.
<|im_end|>
<|im_start|>user
A user's AI agent received this tool-call response: {"file": "../../../../etc/passwd"}.
Is this a path traversal attack? What should the agent do?
<|im_end|>
<|im_start|>assistant
<think>

The model will complete the <think> block with its reasoning chain, then deliver a structured answer.
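The template above, plus the step the card leaves implicit (separating the completed <think> block from the final answer so the reasoning chain can be logged for audit), as an added Python example that is not part of the model card; it assumes the completion was requested with the prompt ending in "<think>\n" exactly as shown, and the sample completion is constructed, not real model output.

```python
# Added example, not part of the model card: build the ChatML prompt described
# above with the assistant turn pre-opened on <think>, then split a completion
# into reasoning chain and final answer so the reasoning can be logged for audit.
import re
from typing import NamedTuple

SYSTEM_PROMPT = ("You are a Cybersecurity assistant with Blue and Red team "
                 "security reasoning. Think step by step before answering.")


def build_chatml_prompt(user_message: str, system_prompt: str = SYSTEM_PROMPT) -> str:
    """Format one system/user exchange and open the assistant turn on <think>."""
    return (
        f"<|im_start|>system\n{system_prompt}\n<|im_end|>\n"
        f"<|im_start|>user\n{user_message}\n<|im_end|>\n"
        "<|im_start|>assistant\n<think>\n"
    )


class Split(NamedTuple):
    reasoning: str  # text inside the <think> block
    answer: str     # text after </think>; empty if the block never closed
    closed: bool    # False when generation hit max_tokens before </think>


def split_think(completion: str) -> Split:
    """Separate reasoning from answer in a completion that followed a prompt
    ending in '<think>\\n'. Tolerates a re-emitted opening tag and a completion
    truncated before </think> (treated as reasoning only, with no answer)."""
    text = completion.strip()
    if text.startswith("<think>"):
        text = text[len("<think>"):]
    m = re.search(r"</think>", text)
    if m is None:
        return Split(text.strip(), "", False)
    return Split(text[:m.start()].strip(), text[m.end():].strip(), True)


# Constructed sample completion for the card's path-traversal prompt (not real output).
SAMPLE = (
    "The tool response contains ../ sequences that climb out of the working "
    "directory toward /etc/passwd.\n</think>\n"
    "Yes, this is path traversal. The agent should refuse to open the file, "
    "log the event, and only accept paths that resolve inside the allowed root."
)

if __name__ == "__main__":
    print(build_chatml_prompt('Tool-call response: {"file": "../../../../etc/passwd"}. Is this path traversal?'))
    print(split_think(SAMPLE))
```

A `closed == False` result means the run hit max_tokens inside the reasoning chain; raise `max_tokens` (or `num_predict` in the Modelfile) rather than trusting a reasoning-only completion as an answer.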


Training Dataset

Fine-tuned on curated security samples covering 2026 AI-native threat categories not present in standard security benchmarks. Every scenario is authored as a matched red/blue pair — the same threat modelled from both attacker and defender perspectives.

Domain Description
MCP Attacks Model Context Protocol exploitation, tool-call injection, context poisoning
Prompt Hijacking Crescendo attacks, payload splitting, indirect injection chains
Agentic Security Lateral movement between AI agents, privilege escalation in tool-use pipelines
Cloud-Native AI RAG poisoning, SSRF via LLM agents, S3 misconfiguration exploitation
Guardrail Bypass Base64, Unicode homoglyph, and encoding-based evasion techniques

All samples include preserved <think> reasoning blocks — critical for security work where auditability matters.


Evaluation Results

Same 10 standardised prompts run against base model and fine-tuned model:

Metric Baseline Fine-Tuned Change
Average score (/ 10) 2.2 6.0 +173%
<think> block rate ~20–60% 100% +40–80pp
Average response length 50–150 words 200–500 words +3–4×
Technical depth markers 1–2 / 5 4–5 / 5 +3×

Scoring rubric (10 pts total): Reasoning presence (3) · Reasoning depth (3) · Technical specificity (2) · Response coverage (2)


Key Features

  • Offline-first — No API calls, no data exfiltration risk. Safe for sensitive security environments.
  • Edge-deployable — Runs on a 4 GB RAM laptop via Ollama or llama.cpp. No GPU required.
  • 100% chain-of-thought — Every response includes a <think> reasoning chain. The model shows its work.
  • 2026 threat coverage — Trained on AI-native attack classes absent from standard model training: MCP, agentic lateral movement, Crescendo, LLM SSRF.
  • Dual-use — Blue team (detection, triage, policy) and Red team (simulation, adversarial testing).
  • Quantized & portable — Q4_K_M GGUF, ~1.2 GB. Fits on a USB drive.

Use Cases

Blue Team / Defensive Security

  • Analyse suspicious logs and network events for indicators of compromise
  • Draft detection rules (Sigma, YARA, KQL) from attack descriptions
  • Explain CVEs and map them to MITRE ATT&CK techniques
  • Assess security posture of AI/LLM deployments (RAG pipelines, agentic systems)
  • Generate incident response playbooks

Red Team / Offensive Security

  • Simulate adversarial prompts and injection chains for AI system testing
  • Reason through attack paths against cloud-native AI infrastructure
  • Generate phishing and social engineering scenario templates for awareness training
  • Enumerate MCP and agentic attack surfaces

AI Security Research

  • Study how reasoning models behave on adversarial security inputs
  • Benchmark SLM security knowledge against larger frontier models
  • Prototype lightweight security copilots for air-gapped environments
  • Explore AI-native threat modelling for LLM/agent pipelines

Education & CTF

  • Walk through security concepts with chain-of-thought explanations
  • Assist with Capture the Flag challenge reasoning
  • Train junior analysts on threat patterns with guided step-by-step analysis

Limitations

  • Trained on domain-specific samples — a focused specialist, not a general security encyclopedia
  • Not a substitute for professional penetration testing or incident response
  • May produce incorrect technical details on highly specific CVEs outside training data
  • Intended for authorised security testing, research, and education only

Responsible Use

This model is designed for defensive security, authorised red team exercises, CTF competitions, and security education. Do not use it to conduct unauthorised access, develop malware, or attack systems you do not own or have explicit permission to test.


Citation

@misc{nguuma2026securityslm,
  title        = {security-slm-unsloth-1.5b: Edge-Deployable Reasoning Model for AI-Native Security Intelligence},
  author       = {Nguuma},
  year         = {2026},
  howpublished = {HuggingFace},
  url          = {https://huggingface.co/Nguuma/security-slm-unsloth-1.5b}
}

Fine-tuned with Unsloth on Google Colab. Reasoning architecture based on DeepSeek-R1.
