Hugging Face's logo

oke39
/
llama3-8b-secure-code

Text Generation
Transformers
Safetensors
English
llama
text-generation-inference
unsloth
security
code-generation
cybersecurity
llama-3
fine-tune
conversational
Model card Files
xet
Community
llama3-8b-secure-code
File size: 2,728 Bytes 
cf3498e
 
 
 
 
 
 
b5c30b6
 
 
 
 
 
cf3498e
b5c30b6
 
 
 
cf3498e
 
 
 
b5c30b6
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
cf3498e
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
---
base_model: unsloth/llama-3-8b-Instruct-bnb-4bit
tags:
- text-generation-inference
- transformers
- unsloth
- llama
- security
- code-generation
- cybersecurity
- llama-3
- unsloth
- fine-tune
license: apache-2.0
datasets:
- custom-vulnerability-fix-dataset
metrics:
- code_eval
language:
- en
---

Jack: The Secure Code Agent (Llama-3 8B)

**Jack** is a specialized fine-tune of Llama-3 8B, engineered to detect and fix security vulnerabilities in Python code. It acts as an automated security auditor, taking insecure code as input and outputting a hardened, secure version.

## Key Metrics
| Metric | Score | Description |
| :--- | :--- | :--- |
| **Bandit Pass Rate** | **88.0%** | Percentage of fixes that pass the Bandit static analysis security tool. |
| **BLEU Score** | **69.27** | High structural similarity to human-expert security patches. |

## Quick Start
You can use this model directly via the Hugging Face Inference API or load it locally.

### Inference API (Serverless)
```python
import requests

API_URL = "[https://api-inference.huggingface.co/models/oke39/llama3-8b-secure-code](https://api-inference.huggingface.co/models/oke39/llama3-8b-secure-code)"
headers = {"Authorization": "Bearer YOUR_HF_TOKEN"}

payload = {
    "inputs": """<|begin_of_text|><|start_header_id|>system<|end_header_id|>

You are Jack, a Secure Code Agent. Fix the security vulnerability in the provided code.<|eot_id|><|start_header_id|>user<|end_header_id|>

def login(username, password):
    # Vulnerable SQL Injection
    query = "SELECT * FROM users WHERE username = '" + username + "' AND password = '" + password + "'"
    cursor.execute(query)<|eot_id|><|start_header_id|>assistant<|end_header_id|>
"""
}

response = requests.post(API_URL, headers=headers, json=payload)
print(response.json())
```

# Training Details
- **Dataset:** [Vulnerability Fix Dataset](https://www.kaggle.com/datasets/jiscecseaiml/vulnerability-fix-dataset)
- **Vulnerabilities Covered:** SQL Injection, XSS, Command Injection, Insecure Deserialization, Hardcoded Credentials.

# Training Details
- **GGUF Version:** [oke39/llama3-8b-secure-code-gguf](https://huggingface.co/oke39/llama3-8b-secure-code-gguf)
- **MLflow Experiment Tracking:** [Dasgshub Project](https://dagshub.com/oke39/llama3-code-agent)
  
# Uploaded finetuned  model

- **Developed by:** oke39
- **License:** apache-2.0
- **Finetuned from model :** unsloth/llama-3-8b-Instruct-bnb-4bit

This llama model was trained 2x faster with [Unsloth](https://github.com/unslothai/unsloth) and Huggingface's TRL library.

[<img src="https://raw.githubusercontent.com/unslothai/unsloth/main/images/unsloth%20made%20with%20love.png" width="200"/>](https://github.com/unslothai/unsloth)