Instructions to use oxdev/security-auditor-grpo with libraries, inference providers, notebooks, and local apps. Follow these links to get started.

Libraries

How to use oxdev/security-auditor-grpo with Transformers:

# Use a pipeline as a high-level helper
from transformers import pipeline

pipe = pipeline("text-generation", model="oxdev/security-auditor-grpo")
messages = [
    {"role": "user", "content": "Who are you?"},
]
pipe(messages)

# Load model directly
from transformers import AutoTokenizer, AutoModelForCausalLM

tokenizer = AutoTokenizer.from_pretrained("oxdev/security-auditor-grpo")
model = AutoModelForCausalLM.from_pretrained("oxdev/security-auditor-grpo")
messages = [
    {"role": "user", "content": "Who are you?"},
]
inputs = tokenizer.apply_chat_template(
	messages,
	add_generation_prompt=True,
	tokenize=True,
	return_dict=True,
	return_tensors="pt",
).to(model.device)

outputs = model.generate(**inputs, max_new_tokens=40)
print(tokenizer.decode(outputs[0][inputs["input_ids"].shape[-1]:]))

Notebooks
Google Colab
Kaggle
Local Apps

vLLM

How to use oxdev/security-auditor-grpo with vLLM:

Install from pip and serve model

# Install vLLM from pip:
pip install vllm
# Start the vLLM server:
vllm serve "oxdev/security-auditor-grpo"
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:8000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "oxdev/security-auditor-grpo",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker

docker model run hf.co/oxdev/security-auditor-grpo

SGLang

How to use oxdev/security-auditor-grpo with SGLang:

Install from pip and serve model

# Install SGLang from pip:
pip install sglang
# Start the SGLang server:
python3 -m sglang.launch_server \
    --model-path "oxdev/security-auditor-grpo" \
    --host 0.0.0.0 \
    --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "oxdev/security-auditor-grpo",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker images

docker run --gpus all \
    --shm-size 32g \
    -p 30000:30000 \
    -v ~/.cache/huggingface:/root/.cache/huggingface \
    --env "HF_TOKEN=<secret>" \
    --ipc=host \
    lmsysorg/sglang:latest \
    python3 -m sglang.launch_server \
        --model-path "oxdev/security-auditor-grpo" \
        --host 0.0.0.0 \
        --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "oxdev/security-auditor-grpo",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Docker Model Runner
How to use oxdev/security-auditor-grpo with Docker Model Runner:
```
docker model run hf.co/oxdev/security-auditor-grpo
```

oxdev commited on 23 days ago

Commit

75be256

verified ·

1 Parent(s): 93b6a9a

fix: escape syntax in quality_reward

Browse files

Files changed (1) hide show

train_grpo_v2.py +8 -10

train_grpo_v2.py CHANGED Viewed

@@ -214,7 +214,7 @@ def quality_reward(prompts, completions, completion_ids=None, **kwargs):
             reward += 0.1
         # Penalize generic/unhelpful responses
-        generic_phrases = ['i cannot', 'i don\\'t', 'no vulnerabilities found', 'the code looks safe']
         if any(p in text.lower() for p in generic_phrases):
             reward -= 0.5
@@ -239,42 +239,40 @@ def main():
     dataset = load_dataset(DATASET_ID, split="train")
     logger.info(f"Dataset: {len(dataset)} samples, columns={dataset.column_names}")
     # Log severity distribution
     sev_dist = Counter(dataset['severity'])
     logger.info(f"Severity distribution: {dict(sev_dist)}")
-    # Subsample for 0.5B model on T4 — use 15K most relevant samples
     # Prioritize: HIGH > MEDIUM > has_code > has_poc
     logger.info("Selecting high-quality training subset...")
     indices = []
-    idx_set = set()
     # Priority 1: HIGH severity with code (most valuable)
     for i, row in enumerate(dataset):
         if row['severity'] in ('high', 'critical') and row['has_code']:
             indices.append(i)
-            idx_set.add(i)
     logger.info(f"  HIGH+CRITICAL with code: {len(indices)}")
     # Priority 2: MEDIUM severity with code
     for i, row in enumerate(dataset):
-        if row['severity'] == 'medium' and row['has_code'] and i not in idx_set:
             indices.append(i)
-            idx_set.add(i)
     logger.info(f"  + MEDIUM with code: {len(indices)}")
     # Priority 3: Any with PoC reference
     for i, row in enumerate(dataset):
-        if row['has_poc'] and i not in idx_set:
             indices.append(i)
-            idx_set.add(i)
     logger.info(f"  + Has PoC: {len(indices)}")
     # Priority 4: Fill remaining with HIGH/MED without code
     for i, row in enumerate(dataset):
-        if row['severity'] in ('high', 'medium', 'critical') and i not in idx_set:
             indices.append(i)
-            idx_set.add(i)
         if len(indices) >= 15000:
             break
     logger.info(f"  Final subset: {len(indices)} samples")

             reward += 0.1
         # Penalize generic/unhelpful responses
+        generic_phrases = ['i cannot', 'i don\'t', 'no vulnerabilities found', 'the code looks safe']
         if any(p in text.lower() for p in generic_phrases):
             reward -= 0.5
     dataset = load_dataset(DATASET_ID, split="train")
     logger.info(f"Dataset: {len(dataset)} samples, columns={dataset.column_names}")
+    # For GRPO we only need 'prompt' column + metadata columns for reward
+    # The reward functions access metadata via kwargs passed from the dataset
     # Log severity distribution
     sev_dist = Counter(dataset['severity'])
     logger.info(f"Severity distribution: {dict(sev_dist)}")
+    # Subsample for 0.5B model on T4 — use 10K most relevant samples
     # Prioritize: HIGH > MEDIUM > has_code > has_poc
     logger.info("Selecting high-quality training subset...")
     indices = []
     # Priority 1: HIGH severity with code (most valuable)
     for i, row in enumerate(dataset):
         if row['severity'] in ('high', 'critical') and row['has_code']:
             indices.append(i)
     logger.info(f"  HIGH+CRITICAL with code: {len(indices)}")
     # Priority 2: MEDIUM severity with code
     for i, row in enumerate(dataset):
+        if row['severity'] == 'medium' and row['has_code'] and i not in set(indices):
             indices.append(i)
     logger.info(f"  + MEDIUM with code: {len(indices)}")
     # Priority 3: Any with PoC reference
     for i, row in enumerate(dataset):
+        if row['has_poc'] and i not in set(indices):
             indices.append(i)
     logger.info(f"  + Has PoC: {len(indices)}")
     # Priority 4: Fill remaining with HIGH/MED without code
     for i, row in enumerate(dataset):
+        if row['severity'] in ('high', 'medium', 'critical') and i not in set(indices):
             indices.append(i)
         if len(indices) >= 15000:
             break
     logger.info(f"  Final subset: {len(indices)} samples")