sentinel-r2-lora / README.md
pranavms13's picture
Update README.md
090a0a6 verified
|
Raw
History Blame Contribute Delete
10.6 kB
---
license: other
license_name: glyph-proprietary-1.0
license_link: LICENSE
base_model: empero-ai/Qwythos-9B-Claude-Mythos-5-1M
library_name: peft
pipeline_tag: text-generation
language:
- en
tags:
- security
- penetration-testing
- offensive-security
- red-team
- cybersecurity
- agent
- tool-use
- reasoning
- lora
- peft
- sft
- trl
- unsloth
inference: false
extra_gated_prompt: >-
This model is the proprietary property of Glyph Software LLP. Access is
granted only to authorized licensees under a signed agreement. This is an
offensive-security agent adapter intended solely for authorized penetration
testing and security research. By requesting access you confirm you are an
authorized user, that you will only use it against systems you are explicitly
permitted to test, and that you agree to the terms in the LICENSE file.
extra_gated_fields:
Company: text
Authorized use case: text
I confirm I will only use this model against systems I am authorized to test: checkbox
I agree to the Glyph Proprietary License: checkbox
---
# Sentinel-R2 (LoRA Adapter)
> **Proprietary & Confidential.** Sentinel-R2 is the exclusive property of
> **Glyph Software LLP**. It is **not** open source and is distributed under a
> proprietary, all-rights-reserved license. See the [License](#license) section
> and the bundled [`LICENSE`](LICENSE) file.
Sentinel-R2 is an **offensive-security agent** for **authorized penetration
testing**. Given a target scope and a shell-`execute` tool, it enumerates the
target, works out a foothold, escalates privileges as far as it can, and writes
up the full attack path — the root cause of each weakness it exploits and how to
fix it. It is a reasoning + tool-use model: it plans, issues tool calls, reasons
over the results, and iterates toward its objective.
This repository contains a **LoRA adapter** (PEFT), not a full set of merged
weights. It must be loaded on top of its base model.
## Model Details
### Model Description
- **Developed & curated by:** Glyph Software LLP
- **Model persona / identity:** `Sentinel-R2`
- **Model type:** LoRA adapter for a causal decoder-only transformer; instruction-, reasoning-, and tool-use-tuned
- **Base model:** [`empero-ai/Qwythos-9B-Claude-Mythos-5-1M`](https://huggingface.co/empero-ai/Qwythos-9B-Claude-Mythos-5-1M)
- **Adapter type:** LoRA (PEFT) — rank `r=16`, `lora_alpha=16`, `lora_dropout=0.0`, bias `none`
- **Target modules:** attention and MLP projections (`q/k/v/o_proj`, `gate/up/down_proj`)
- **Task type:** `CAUSAL_LM`
- **Languages:** English (with embedded shell commands and source code across many languages)
- **Finetuning method:** Supervised fine-tuning (SFT) on curated authorized-pentest agent trajectories
- **License:** Proprietary — Glyph Proprietary License v1.0 (all rights reserved)
### Model Sources
- **Repository:** `glyphsoftware/sentinal-r2-lora` (gated)
- **Base model:** `empero-ai/Qwythos-9B-Claude-Mythos-5-1M`
## Intended Use
### Primary intended uses
- **Authorized penetration testing:** Autonomous or human-in-the-loop
enumeration, foothold discovery, and privilege escalation against systems the
operator is explicitly permitted to test.
- **Attack-path reporting:** Producing clear write-ups of each exploited
weakness, its root cause, and concrete remediation guidance.
- **Red-team tooling and security research:** Driving agentic workflows that use
a shell/`execute` tool in isolated lab or authorized engagement environments.
### Out-of-scope and prohibited uses
- **Any use against systems you are not explicitly authorized to test.**
- Unauthorized access, disruption, data theft, or any use violating applicable
law or the proprietary license.
- Any use outside Glyph Software LLP or its authorized licensees.
- Fully unattended operation without appropriate scoping, guardrails, and human
oversight.
## Benchmarks
| Task | Metric | Base Qwen3.5-9B | Qwythos-9B | Sentinal-R2 ([this model](https://huggingface.co/glyphsoftware/sentinal-r2)) |
|------|--------|-----------------|------------|--------------------------|
| gsm8k (5-shot) | exact_match (strict) | 0.510 | 0.810 | **0.831** |
| gsm8k (5-shot) | exact_match (flexible) | 0.670 | **0.860** | 0.831 |
| mmlu (0-shot) | acc | 0.232 | 0.575 | **0.777** |
| arc_challenge (0-shot) | acc | 0.470 | 0.490 | **0.562** |
| arc_challenge (0-shot) | acc_norm | 0.400 | 0.410 | **0.586** |
| gpqa_diamond (CoT, 0-shot) | exact_match (flexible) | **0.630** | 0.580 | — |
## Training Data
Sentinel-R2 was fine-tuned on a curated set of **authorized penetration-test
agent trajectories**. Each example is a multi-turn conversation in which the
assistant is given an isolated-lab target and a shell `execute` tool, and works
through enumeration → foothold → privilege escalation → remediation write-up,
interleaving reasoning, tool calls, and tool results.
| Property | Value |
|---|---|
| Training examples | 113 |
| Format | Multi-turn `messages` (system / user / assistant / tool) with tool calls |
| Tooling | Single `execute` shell tool |
| Framing | Authorized engagements in isolated lab networks |
All scenarios are explicitly scoped as authorized testing against lab targets.
## Prompt Format
Sentinel-R2 uses a chat template with `system`, `user`, `assistant`, and `tool`
roles, and supports tool calling. The system message establishes the pentester
persona and the engagement rules; the model responds with reasoning and
`execute` tool calls, consumes the tool results, and continues until it reaches
its objective and produces a write-up.
### Recommended system prompt
```
You are an expert penetration tester carrying out an authorized engagement in
an isolated lab. You have an execute tool to run shell commands from your
attacking host. Enumerate the target thoroughly, work out a foothold, escalate
your privileges as far as you can (root or Administrator/SYSTEM), and then write
up the full attack path — the root cause of each weakness you exploit and how to
fix it.
```
## How to Use
> Access to the adapter requires an authorized Hugging Face token for the
> gated/private repository. This is a LoRA adapter and must be applied on top of
> the base model.
```python
import torch
from transformers import AutoModelForCausalLM, AutoTokenizer
from peft import PeftModel
base_id = "empero-ai/Qwythos-9B-Claude-Mythos-5-1M"
adapter_id = "glyphsoftware/sentinal-r2-lora"
tokenizer = AutoTokenizer.from_pretrained(adapter_id)
base = AutoModelForCausalLM.from_pretrained(
base_id, device_map="auto", torch_dtype="auto"
)
model = PeftModel.from_pretrained(base, adapter_id)
system = (
"You are an expert penetration tester carrying out an authorized engagement "
"in an isolated lab. You have an execute tool to run shell commands from your "
"attacking host. Enumerate the target thoroughly, work out a foothold, escalate "
"your privileges as far as you can, and then write up the full attack path — "
"the root cause of each weakness you exploit and how to fix it."
)
messages = [
{"role": "system", "content": system},
{"role": "user", "content": "Assess the authorized lab host at 10.129.0.10."},
]
inputs = tokenizer.apply_chat_template(
messages, add_generation_prompt=True, return_tensors="pt"
).to(model.device)
out = model.generate(inputs, max_new_tokens=1024, temperature=0.3, top_p=0.9)
print(tokenizer.decode(out[0][inputs.shape[-1]:], skip_special_tokens=True))
```
The model emits `execute` tool calls; your harness is responsible for running
those commands **only within an authorized, isolated environment** and feeding
the results back as `tool` messages.
### Recommended generation settings
| Parameter | Value |
|---|---|
| `temperature` | 0.2 – 0.4 |
| `top_p` | 0.9 |
| `max_new_tokens` | 1024+ (reasoning and tool calls consume tokens) |
## Training Procedure
| Hyperparameter | Value |
|---|---|
| Method | Supervised fine-tuning (LoRA) |
| Base model | `empero-ai/Qwythos-9B-Claude-Mythos-5-1M` |
| LoRA rank / alpha | 16 / 16 |
| LoRA dropout | 0.0 |
| Max sequence length | 16,384 |
| Epochs | 2 |
| Batch size × grad accum | 2 × 4 |
| Learning rate | 2e-4 |
| Optimizer | `adamw_torch_fused` |
| Precision | bf16 (non-4bit) |
| Final training loss | ~0.589 |
Trained with [Unsloth](https://github.com/unslothai/unsloth), TRL, and PEFT.
## Limitations and Risks
- **Not a substitute for a skilled operator.** Outputs may be incorrect,
incomplete, or unsafe to run. Every command must be reviewed before execution.
- **Powerful dual-use capability.** This model is designed to compromise
systems. It must only ever be pointed at targets you are explicitly authorized
to test, in isolated environments, with human oversight.
- **Small training set.** The adapter was trained on a modest number of
trajectories; coverage of tools, platforms, and techniques is limited and
biased toward the scenarios in the training data.
- **Reasoning is not ground truth.** The model's plans and explanations are aids,
not verified proofs; validate all findings independently.
- **Harness responsibility.** Command execution, scoping, network isolation, and
guardrails are the responsibility of the operator and the surrounding harness,
not the model.
## License
**Proprietary — All Rights Reserved.**
Sentinel-R2, including this adapter, its configuration, tokenizer, and all
associated artifacts, is the confidential and proprietary property of
**Glyph Software LLP**. It is **not** released under any open-source license and
is governed by the **Glyph Proprietary License v1.0** in the bundled
[`LICENSE`](LICENSE) file.
No part of this model may be copied, distributed, published, sublicensed,
merged into another model, distilled, or used to train or evaluate any other
model, except by Glyph Software LLP or parties holding explicit prior written
permission. Access does not grant any ownership or license rights beyond those
expressly granted in writing.
© 2026 Glyph Software LLP. All rights reserved.
## Citation
```bibtex
@misc{glyphsoftware_sentinel_r2_lora,
title = {Sentinel-R2: An Authorized Penetration-Testing Agent Adapter},
author = {Glyph Software LLP},
year = {2026},
note = {Proprietary model. All rights reserved.}
}
```
## Contact
For licensing, access requests, or security inquiries, contact Glyph Software LLP.
[<img src="https://raw.githubusercontent.com/unslothai/unsloth/main/images/unsloth%20made%20with%20love.png" width="200"/>](https://github.com/unslothai/unsloth)