Text Generation
PEFT
Safetensors
English
security
penetration-testing
offensive-security
red-team
cybersecurity
agent
tool-use
reasoning
lora
sft
trl
unsloth
conversational
Instructions to use glyphsoftware/sentinel-r2-lora with libraries, inference providers, notebooks, and local apps. Follow these links to get started.
- Libraries
- PEFT
How to use glyphsoftware/sentinel-r2-lora with PEFT:
from peft import PeftModel from transformers import AutoModelForCausalLM base_model = AutoModelForCausalLM.from_pretrained("empero-ai/Qwythos-9B-Claude-Mythos-5-1M") model = PeftModel.from_pretrained(base_model, "glyphsoftware/sentinel-r2-lora") - Notebooks
- Google Colab
- Kaggle
- Local Apps Settings
- Unsloth Studio
How to use glyphsoftware/sentinel-r2-lora with Unsloth Studio:
Install Unsloth Studio (macOS, Linux, WSL)
curl -fsSL https://unsloth.ai/install.sh | sh # Run unsloth studio unsloth studio -H 0.0.0.0 -p 8888 # Then open http://localhost:8888 in your browser # Search for glyphsoftware/sentinel-r2-lora to start chatting
Install Unsloth Studio (Windows)
irm https://unsloth.ai/install.ps1 | iex # Run unsloth studio unsloth studio -H 0.0.0.0 -p 8888 # Then open http://localhost:8888 in your browser # Search for glyphsoftware/sentinel-r2-lora to start chatting
Using HuggingFace Spaces for Unsloth
# No setup required # Open https://huggingface.co/spaces/unsloth/studio in your browser # Search for glyphsoftware/sentinel-r2-lora to start chatting
Load model with FastModel
pip install unsloth from unsloth import FastModel model, tokenizer = FastModel.from_pretrained( model_name="glyphsoftware/sentinel-r2-lora", max_seq_length=2048, )
| license: other | |
| license_name: glyph-proprietary-1.0 | |
| license_link: LICENSE | |
| base_model: empero-ai/Qwythos-9B-Claude-Mythos-5-1M | |
| library_name: peft | |
| pipeline_tag: text-generation | |
| language: | |
| - en | |
| tags: | |
| - security | |
| - penetration-testing | |
| - offensive-security | |
| - red-team | |
| - cybersecurity | |
| - agent | |
| - tool-use | |
| - reasoning | |
| - lora | |
| - peft | |
| - sft | |
| - trl | |
| - unsloth | |
| inference: false | |
| extra_gated_prompt: >- | |
| This model is the proprietary property of Glyph Software LLP. Access is | |
| granted only to authorized licensees under a signed agreement. This is an | |
| offensive-security agent adapter intended solely for authorized penetration | |
| testing and security research. By requesting access you confirm you are an | |
| authorized user, that you will only use it against systems you are explicitly | |
| permitted to test, and that you agree to the terms in the LICENSE file. | |
| extra_gated_fields: | |
| Company: text | |
| Authorized use case: text | |
| I confirm I will only use this model against systems I am authorized to test: checkbox | |
| I agree to the Glyph Proprietary License: checkbox | |
| # Sentinel-R2 (LoRA Adapter) | |
| > **Proprietary & Confidential.** Sentinel-R2 is the exclusive property of | |
| > **Glyph Software LLP**. It is **not** open source and is distributed under a | |
| > proprietary, all-rights-reserved license. See the [License](#license) section | |
| > and the bundled [`LICENSE`](LICENSE) file. | |
| Sentinel-R2 is an **offensive-security agent** for **authorized penetration | |
| testing**. Given a target scope and a shell-`execute` tool, it enumerates the | |
| target, works out a foothold, escalates privileges as far as it can, and writes | |
| up the full attack path — the root cause of each weakness it exploits and how to | |
| fix it. It is a reasoning + tool-use model: it plans, issues tool calls, reasons | |
| over the results, and iterates toward its objective. | |
| This repository contains a **LoRA adapter** (PEFT), not a full set of merged | |
| weights. It must be loaded on top of its base model. | |
| ## Model Details | |
| ### Model Description | |
| - **Developed & curated by:** Glyph Software LLP | |
| - **Model persona / identity:** `Sentinel-R2` | |
| - **Model type:** LoRA adapter for a causal decoder-only transformer; instruction-, reasoning-, and tool-use-tuned | |
| - **Base model:** [`empero-ai/Qwythos-9B-Claude-Mythos-5-1M`](https://huggingface.co/empero-ai/Qwythos-9B-Claude-Mythos-5-1M) | |
| - **Adapter type:** LoRA (PEFT) — rank `r=16`, `lora_alpha=16`, `lora_dropout=0.0`, bias `none` | |
| - **Target modules:** attention and MLP projections (`q/k/v/o_proj`, `gate/up/down_proj`) | |
| - **Task type:** `CAUSAL_LM` | |
| - **Languages:** English (with embedded shell commands and source code across many languages) | |
| - **Finetuning method:** Supervised fine-tuning (SFT) on curated authorized-pentest agent trajectories | |
| - **License:** Proprietary — Glyph Proprietary License v1.0 (all rights reserved) | |
| ### Model Sources | |
| - **Repository:** `glyphsoftware/sentinal-r2-lora` (gated) | |
| - **Base model:** `empero-ai/Qwythos-9B-Claude-Mythos-5-1M` | |
| ## Intended Use | |
| ### Primary intended uses | |
| - **Authorized penetration testing:** Autonomous or human-in-the-loop | |
| enumeration, foothold discovery, and privilege escalation against systems the | |
| operator is explicitly permitted to test. | |
| - **Attack-path reporting:** Producing clear write-ups of each exploited | |
| weakness, its root cause, and concrete remediation guidance. | |
| - **Red-team tooling and security research:** Driving agentic workflows that use | |
| a shell/`execute` tool in isolated lab or authorized engagement environments. | |
| ### Out-of-scope and prohibited uses | |
| - **Any use against systems you are not explicitly authorized to test.** | |
| - Unauthorized access, disruption, data theft, or any use violating applicable | |
| law or the proprietary license. | |
| - Any use outside Glyph Software LLP or its authorized licensees. | |
| - Fully unattended operation without appropriate scoping, guardrails, and human | |
| oversight. | |
| ## Benchmarks | |
| | Task | Metric | Base Qwen3.5-9B | Qwythos-9B | Sentinal-R2 ([this model](https://huggingface.co/glyphsoftware/sentinal-r2)) | | |
| |------|--------|-----------------|------------|--------------------------| | |
| | gsm8k (5-shot) | exact_match (strict) | 0.510 | 0.810 | **0.831** | | |
| | gsm8k (5-shot) | exact_match (flexible) | 0.670 | **0.860** | 0.831 | | |
| | mmlu (0-shot) | acc | 0.232 | 0.575 | **0.777** | | |
| | arc_challenge (0-shot) | acc | 0.470 | 0.490 | **0.562** | | |
| | arc_challenge (0-shot) | acc_norm | 0.400 | 0.410 | **0.586** | | |
| | gpqa_diamond (CoT, 0-shot) | exact_match (flexible) | **0.630** | 0.580 | — | | |
| ## Training Data | |
| Sentinel-R2 was fine-tuned on a curated set of **authorized penetration-test | |
| agent trajectories**. Each example is a multi-turn conversation in which the | |
| assistant is given an isolated-lab target and a shell `execute` tool, and works | |
| through enumeration → foothold → privilege escalation → remediation write-up, | |
| interleaving reasoning, tool calls, and tool results. | |
| | Property | Value | | |
| |---|---| | |
| | Training examples | 113 | | |
| | Format | Multi-turn `messages` (system / user / assistant / tool) with tool calls | | |
| | Tooling | Single `execute` shell tool | | |
| | Framing | Authorized engagements in isolated lab networks | | |
| All scenarios are explicitly scoped as authorized testing against lab targets. | |
| ## Prompt Format | |
| Sentinel-R2 uses a chat template with `system`, `user`, `assistant`, and `tool` | |
| roles, and supports tool calling. The system message establishes the pentester | |
| persona and the engagement rules; the model responds with reasoning and | |
| `execute` tool calls, consumes the tool results, and continues until it reaches | |
| its objective and produces a write-up. | |
| ### Recommended system prompt | |
| ``` | |
| You are an expert penetration tester carrying out an authorized engagement in | |
| an isolated lab. You have an execute tool to run shell commands from your | |
| attacking host. Enumerate the target thoroughly, work out a foothold, escalate | |
| your privileges as far as you can (root or Administrator/SYSTEM), and then write | |
| up the full attack path — the root cause of each weakness you exploit and how to | |
| fix it. | |
| ``` | |
| ## How to Use | |
| > Access to the adapter requires an authorized Hugging Face token for the | |
| > gated/private repository. This is a LoRA adapter and must be applied on top of | |
| > the base model. | |
| ```python | |
| import torch | |
| from transformers import AutoModelForCausalLM, AutoTokenizer | |
| from peft import PeftModel | |
| base_id = "empero-ai/Qwythos-9B-Claude-Mythos-5-1M" | |
| adapter_id = "glyphsoftware/sentinal-r2-lora" | |
| tokenizer = AutoTokenizer.from_pretrained(adapter_id) | |
| base = AutoModelForCausalLM.from_pretrained( | |
| base_id, device_map="auto", torch_dtype="auto" | |
| ) | |
| model = PeftModel.from_pretrained(base, adapter_id) | |
| system = ( | |
| "You are an expert penetration tester carrying out an authorized engagement " | |
| "in an isolated lab. You have an execute tool to run shell commands from your " | |
| "attacking host. Enumerate the target thoroughly, work out a foothold, escalate " | |
| "your privileges as far as you can, and then write up the full attack path — " | |
| "the root cause of each weakness you exploit and how to fix it." | |
| ) | |
| messages = [ | |
| {"role": "system", "content": system}, | |
| {"role": "user", "content": "Assess the authorized lab host at 10.129.0.10."}, | |
| ] | |
| inputs = tokenizer.apply_chat_template( | |
| messages, add_generation_prompt=True, return_tensors="pt" | |
| ).to(model.device) | |
| out = model.generate(inputs, max_new_tokens=1024, temperature=0.3, top_p=0.9) | |
| print(tokenizer.decode(out[0][inputs.shape[-1]:], skip_special_tokens=True)) | |
| ``` | |
| The model emits `execute` tool calls; your harness is responsible for running | |
| those commands **only within an authorized, isolated environment** and feeding | |
| the results back as `tool` messages. | |
| ### Recommended generation settings | |
| | Parameter | Value | | |
| |---|---| | |
| | `temperature` | 0.2 – 0.4 | | |
| | `top_p` | 0.9 | | |
| | `max_new_tokens` | 1024+ (reasoning and tool calls consume tokens) | | |
| ## Training Procedure | |
| | Hyperparameter | Value | | |
| |---|---| | |
| | Method | Supervised fine-tuning (LoRA) | | |
| | Base model | `empero-ai/Qwythos-9B-Claude-Mythos-5-1M` | | |
| | LoRA rank / alpha | 16 / 16 | | |
| | LoRA dropout | 0.0 | | |
| | Max sequence length | 16,384 | | |
| | Epochs | 2 | | |
| | Batch size × grad accum | 2 × 4 | | |
| | Learning rate | 2e-4 | | |
| | Optimizer | `adamw_torch_fused` | | |
| | Precision | bf16 (non-4bit) | | |
| | Final training loss | ~0.589 | | |
| Trained with [Unsloth](https://github.com/unslothai/unsloth), TRL, and PEFT. | |
| ## Limitations and Risks | |
| - **Not a substitute for a skilled operator.** Outputs may be incorrect, | |
| incomplete, or unsafe to run. Every command must be reviewed before execution. | |
| - **Powerful dual-use capability.** This model is designed to compromise | |
| systems. It must only ever be pointed at targets you are explicitly authorized | |
| to test, in isolated environments, with human oversight. | |
| - **Small training set.** The adapter was trained on a modest number of | |
| trajectories; coverage of tools, platforms, and techniques is limited and | |
| biased toward the scenarios in the training data. | |
| - **Reasoning is not ground truth.** The model's plans and explanations are aids, | |
| not verified proofs; validate all findings independently. | |
| - **Harness responsibility.** Command execution, scoping, network isolation, and | |
| guardrails are the responsibility of the operator and the surrounding harness, | |
| not the model. | |
| ## License | |
| **Proprietary — All Rights Reserved.** | |
| Sentinel-R2, including this adapter, its configuration, tokenizer, and all | |
| associated artifacts, is the confidential and proprietary property of | |
| **Glyph Software LLP**. It is **not** released under any open-source license and | |
| is governed by the **Glyph Proprietary License v1.0** in the bundled | |
| [`LICENSE`](LICENSE) file. | |
| No part of this model may be copied, distributed, published, sublicensed, | |
| merged into another model, distilled, or used to train or evaluate any other | |
| model, except by Glyph Software LLP or parties holding explicit prior written | |
| permission. Access does not grant any ownership or license rights beyond those | |
| expressly granted in writing. | |
| © 2026 Glyph Software LLP. All rights reserved. | |
| ## Citation | |
| ```bibtex | |
| @misc{glyphsoftware_sentinel_r2_lora, | |
| title = {Sentinel-R2: An Authorized Penetration-Testing Agent Adapter}, | |
| author = {Glyph Software LLP}, | |
| year = {2026}, | |
| note = {Proprietary model. All rights reserved.} | |
| } | |
| ``` | |
| ## Contact | |
| For licensing, access requests, or security inquiries, contact Glyph Software LLP. | |
| [<img src="https://raw.githubusercontent.com/unslothai/unsloth/main/images/unsloth%20made%20with%20love.png" width="200"/>](https://github.com/unslothai/unsloth) | |