Update README.md
Browse files
README.md
CHANGED
|
@@ -143,18 +143,6 @@ Not applicable.
|
|
| 143 |
#### Training Hyperparameters
|
| 144 |
|
| 145 |
- **Training regime:** Not applicable — no training was performed by the Protecttors organization for this repository.
|
| 146 |
-
|
| 147 |
-
#### Speeds, Sizes, Times [optional]
|
| 148 |
-
|
| 149 |
-
<!-- This section provides information about throughput, start/end time, checkpoint size if relevant, etc. -->
|
| 150 |
-
|
| 151 |
-
| Artifact Directory | Approximate Size | Format |
|
| 152 |
-
|---|---|---|
|
| 153 |
-
| `gguf_diffusion_model/` | ~280 MB | GGUF |
|
| 154 |
-
| `ml_pkl_file/` | Variable | Python Pickle |
|
| 155 |
-
| `torch_bin_model/` | Variable | PyTorch Binary |
|
| 156 |
-
| **Total repository** | **~301 MB** | Mixed |
|
| 157 |
-
|
| 158 |
---
|
| 159 |
|
| 160 |
## Evaluation
|
|
@@ -165,14 +153,10 @@ Not applicable.
|
|
| 165 |
|
| 166 |
#### Testing Data
|
| 167 |
|
| 168 |
-
<!-- This should link to a Dataset Card if possible. -->
|
| 169 |
-
|
| 170 |
This repository is itself a test dataset for security tooling. It is not evaluated on NLP benchmarks.
|
| 171 |
|
| 172 |
#### Factors
|
| 173 |
|
| 174 |
-
<!-- These are the things the evaluation is disaggregating by, e.g., subpopulations or domains. -->
|
| 175 |
-
|
| 176 |
The relevant evaluation factors for tooling using this repository are:
|
| 177 |
|
| 178 |
- **Format coverage:** Does the scanner/AIBOM tool correctly handle all three artifact formats?
|
|
@@ -203,8 +187,6 @@ This repository provides 4 unsafe artifacts and a mix of format types to stress-
|
|
| 203 |
|
| 204 |
## Model Examination [optional]
|
| 205 |
|
| 206 |
-
<!-- Relevant interpretability work for the model goes here -->
|
| 207 |
-
|
| 208 |
The GGUF weights are derived from Qwen2-0.5B, a transformer-based autoregressive language model. No interpretability analysis has been performed by the Protecttors organization on these artifacts. Researchers wishing to inspect model internals may use GGUF header parsing tools to examine quantization metadata without loading full weights into memory.
|
| 209 |
|
| 210 |
---
|
|
@@ -250,42 +232,13 @@ Not applicable.
|
|
| 250 |
- Pickle artifacts: Python 3.x standard library
|
| 251 |
- PyTorch Package
|
| 252 |
|
| 253 |
-
---
|
| 254 |
-
|
| 255 |
-
## Citation [optional]
|
| 256 |
-
|
| 257 |
-
<!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. -->
|
| 258 |
-
|
| 259 |
-
**BibTeX:**
|
| 260 |
-
|
| 261 |
-
---
|
| 262 |
-
|
| 263 |
-
## Glossary [optional]
|
| 264 |
-
|
| 265 |
-
<!-- If relevant, include terms and calculations in this section that can help readers understand the model or model card. -->
|
| 266 |
-
|
| 267 |
-
| Term | Definition |
|
| 268 |
-
|---|---|
|
| 269 |
-
| **AIBOM** | AI Bill of Materials — a structured inventory of components, dependencies, and metadata for an AI model artifact |
|
| 270 |
-
| **SBOM** | Software Bill of Materials — analogous to AIBOM but covering software supply chains broadly |
|
| 271 |
-
| **VEX** | Vulnerability Exploitability eXchange — a document format for attaching exploitability status to known vulnerabilities in software/AI components |
|
| 272 |
-
| **GGUF** | A binary serialization format for quantized LLM weights, used by `llama.cpp` and compatible runtimes |
|
| 273 |
-
| **Pickle** | Python's native object serialization format; dangerous when loading untrusted sources as it supports arbitrary code execution |
|
| 274 |
-
| **SafeTensors** | A safer alternative serialization format for ML weights that does not support code execution on load |
|
| 275 |
-
| **Red teaming** | Adversarial testing methodology where security researchers simulate attacker behavior to identify vulnerabilities |
|
| 276 |
-
| **CERT-In** | Indian Computer Emergency Response Team — the national nodal agency for cybersecurity incident response in India |
|
| 277 |
-
|
| 278 |
-
---
|
| 279 |
-
|
| 280 |
-
## More Information [optional]
|
| 281 |
-
|
| 282 |
-
---
|
| 283 |
-
|
| 284 |
-
## Model Card Authors [optional]
|
| 285 |
|
| 286 |
-
|
| 287 |
|
| 288 |
-
-
|
|
|
|
|
|
|
|
|
|
| 289 |
|
| 290 |
## Model Card Contact
|
| 291 |
|
|
|
|
| 143 |
#### Training Hyperparameters
|
| 144 |
|
| 145 |
- **Training regime:** Not applicable — no training was performed by the Protecttors organization for this repository.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 146 |
---
|
| 147 |
|
| 148 |
## Evaluation
|
|
|
|
| 153 |
|
| 154 |
#### Testing Data
|
| 155 |
|
|
|
|
|
|
|
| 156 |
This repository is itself a test dataset for security tooling. It is not evaluated on NLP benchmarks.
|
| 157 |
|
| 158 |
#### Factors
|
| 159 |
|
|
|
|
|
|
|
| 160 |
The relevant evaluation factors for tooling using this repository are:
|
| 161 |
|
| 162 |
- **Format coverage:** Does the scanner/AIBOM tool correctly handle all three artifact formats?
|
|
|
|
| 187 |
|
| 188 |
## Model Examination [optional]
|
| 189 |
|
|
|
|
|
|
|
| 190 |
The GGUF weights are derived from Qwen2-0.5B, a transformer-based autoregressive language model. No interpretability analysis has been performed by the Protecttors organization on these artifacts. Researchers wishing to inspect model internals may use GGUF header parsing tools to examine quantization metadata without loading full weights into memory.
|
| 191 |
|
| 192 |
---
|
|
|
|
| 232 |
- Pickle artifacts: Python 3.x standard library
|
| 233 |
- PyTorch Package
|
| 234 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 235 |
|
| 236 |
+
### Framework versions
|
| 237 |
|
| 238 |
+
- Transformers 4.28.1
|
| 239 |
+
- Pytorch 2.0.0+cu118
|
| 240 |
+
- Datasets 2.11.0
|
| 241 |
+
- Tokenizers 0.13.3
|
| 242 |
|
| 243 |
## Model Card Contact
|
| 244 |
|