Update README.md
Browse files
README.md
CHANGED
|
@@ -5,11 +5,65 @@ tags:
|
|
| 5 |
- transformers
|
| 6 |
- unsloth
|
| 7 |
- llama
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 8 |
license: apache-2.0
|
|
|
|
|
|
|
|
|
|
|
|
|
| 9 |
language:
|
| 10 |
- en
|
| 11 |
---
|
| 12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 13 |
# Uploaded finetuned model
|
| 14 |
|
| 15 |
- **Developed by:** oke39
|
|
|
|
| 5 |
- transformers
|
| 6 |
- unsloth
|
| 7 |
- llama
|
| 8 |
+
- security
|
| 9 |
+
- code-generation
|
| 10 |
+
- cybersecurity
|
| 11 |
+
- llama-3
|
| 12 |
+
- unsloth
|
| 13 |
+
- fine-tune
|
| 14 |
license: apache-2.0
|
| 15 |
+
datasets:
|
| 16 |
+
- custom-vulnerability-fix-dataset
|
| 17 |
+
metrics:
|
| 18 |
+
- code_eval
|
| 19 |
language:
|
| 20 |
- en
|
| 21 |
---
|
| 22 |
|
| 23 |
+
Jack: The Secure Code Agent (Llama-3 8B)
|
| 24 |
+
|
| 25 |
+
**Jack** is a specialized fine-tune of Llama-3 8B, engineered to detect and fix security vulnerabilities in Python code. It acts as an automated security auditor, taking insecure code as input and outputting a hardened, secure version.
|
| 26 |
+
|
| 27 |
+
## Key Metrics
|
| 28 |
+
| Metric | Score | Description |
|
| 29 |
+
| :--- | :--- | :--- |
|
| 30 |
+
| **Bandit Pass Rate** | **88.0%** | Percentage of fixes that pass the Bandit static analysis security tool. |
|
| 31 |
+
| **BLEU Score** | **69.27** | High structural similarity to human-expert security patches. |
|
| 32 |
+
|
| 33 |
+
## Quick Start
|
| 34 |
+
You can use this model directly via the Hugging Face Inference API or load it locally.
|
| 35 |
+
|
| 36 |
+
### Inference API (Serverless)
|
| 37 |
+
```python
|
| 38 |
+
import requests
|
| 39 |
+
|
| 40 |
+
API_URL = "[https://api-inference.huggingface.co/models/oke39/llama3-8b-secure-code](https://api-inference.huggingface.co/models/oke39/llama3-8b-secure-code)"
|
| 41 |
+
headers = {"Authorization": "Bearer YOUR_HF_TOKEN"}
|
| 42 |
+
|
| 43 |
+
payload = {
|
| 44 |
+
"inputs": """<|begin_of_text|><|start_header_id|>system<|end_header_id|>
|
| 45 |
+
|
| 46 |
+
You are Jack, a Secure Code Agent. Fix the security vulnerability in the provided code.<|eot_id|><|start_header_id|>user<|end_header_id|>
|
| 47 |
+
|
| 48 |
+
def login(username, password):
|
| 49 |
+
# Vulnerable SQL Injection
|
| 50 |
+
query = "SELECT * FROM users WHERE username = '" + username + "' AND password = '" + password + "'"
|
| 51 |
+
cursor.execute(query)<|eot_id|><|start_header_id|>assistant<|end_header_id|>
|
| 52 |
+
"""
|
| 53 |
+
}
|
| 54 |
+
|
| 55 |
+
response = requests.post(API_URL, headers=headers, json=payload)
|
| 56 |
+
print(response.json())
|
| 57 |
+
```
|
| 58 |
+
|
| 59 |
+
# Training Details
|
| 60 |
+
- **Dataset:** [Vulnerability Fix Dataset](https://www.kaggle.com/datasets/jiscecseaiml/vulnerability-fix-dataset)
|
| 61 |
+
- **Vulnerabilities Covered:** SQL Injection, XSS, Command Injection, Insecure Deserialization, Hardcoded Credentials.
|
| 62 |
+
|
| 63 |
+
# Training Details
|
| 64 |
+
- **GGUF Version:** [oke39/llama3-8b-secure-code-gguf](https://huggingface.co/oke39/llama3-8b-secure-code-gguf)
|
| 65 |
+
- **MLflow Experiment Tracking:** [Dasgshub Project](https://dagshub.com/oke39/llama3-code-agent)
|
| 66 |
+
|
| 67 |
# Uploaded finetuned model
|
| 68 |
|
| 69 |
- **Developed by:** oke39
|