| --- |
| title: OpenMythos |
| emoji: π‘οΈ |
| colorFrom: gray |
| colorTo: indigo |
| sdk: gradio |
| sdk_version: 6.18.0 |
| python_version: '3.13' |
| app_file: app.py |
| pinned: true |
| short_description: An Open Source Cyber Security Agent |
| license: apache-2.0 |
| --- |
| |
| Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference |
|
|
| # openMythos π |
|
|
| An open-source proactive security intelligence platform engineered to detect, analyze, and automatically remediate source-code vulnerabilities instantly before threat actors can exploit them. |
|
|
| Built during the **Hugging Face Small Gradio Hackathon**, `openMythos` democratizes cutting-edge security auditing. It bridges an intuitive, interactive retro terminal interface with the elite agentic reasoning and long-context preservation architecture of a fine-tuned **Qwen3.6-27B** base model. |
|
|
| --- |
|
|
| ## π¨ Visual Preview |
|
|
| The interface features an immersive, distraction-free retro terminal architecture optimized for low-latency code-auditing loops: |
| [Image to be added] |
|
|
| --- |
| ## The Idea |
|
|
| Following the release of Claude's *Mythos* model, openMythos was designed to provide a fully open-source alternative. It can be run entirely locally, requiring zero internet connectivity or external dependencies to operate. |
|
|
| --- |
| ## π‘ Project Background & Core Philosophy |
|
|
| In the modern AI landscape, maintaining organizational security has escalated into an arms race. Threat groups increasingly utilize specialized, autonomous AI agents to scan global codebases, identify edge-case zero-days, and uncover hidden vulnerabilities within seconds. |
|
|
| Major enterprises and corporations face severe threat profiles from this rapid evolution of malicious technology. This paradigm shift was accelerated by the launch of proprietary security intelligence layers like Claude's *Mythos* modelβa breakthrough that raised defensive alarms across the cyber-security sector. |
|
|
| **openMythos** counters this asymmetric risk. It delivers a freely accessible, open-weights variant of optimized defensive technology. Built specifically to secure software ecosystems, openMythos is systematically trained on sprawling cross-language vulnerability datasets to evaluate whole code repositories. It detects flaws, memory leaks, security configurations, and input bugs instantly, empowering software engineering teams to deploy hotfixes long before a threat vector is weaponized. |
|
|
| --- |
| ## Features |
|
|
| This Gradio application seamlessly demonstrates how effectively it can discover vulnerabilities within user code. |
|
|
| * **Zero-Configuration Input:** Simply paste your code, and the interface automatically handles the entire analysis workflow. |
| * **Agentic Multi-Level Analysis:** Utilizes advanced agentic methods to evaluate codebases and trace security risks at multiple execution levels. |
|
|
|
|
| ## π οΈ Security Data Sources & Vulnerability Training Context |
|
|
| To achieve its precise vulnerability discovery rate, openMythos leverages a curated aggregation of top-tier industry-standard security definitions, advisory lists, and target exploit databases. |
|
|
| The model has been rigorously trained and fine-tuned on extensive datasets derived from the following security sources: |
|
|
| * **[BigVul-Filtered](https://huggingface.co/datasets/himanshu17HF/BigVul-Filtered/)** β A curated version of the Big Vulnerability Dataset containing widespread common vulnerabilities, further filtered and optimized for maximum accuracy. |
| * **[Arvix-Filtered](https://huggingface.co/datasets/himanshu17HF/ArvixImport-Filtered-Final)** β A collection of filtered academic research papers focused explicitly on programming language vulnerabilities. |
| --- |
| ## π§ Base Model Foundation |
|
|
| The project utilizes **Qwen3.6-27B** as its foundational architecture. This parameter-dense model offers strong agentic coding capabilities and supports native context windows up to 262,144 tokens (extensible to over 1 million tokens via specialized scaling). This extended context allows openMythos to map complex variable trails and dependency structures across entire software repositories during a single security sweep. |
|
|
| --- |
|
|
| ## π’ Product Demos & Social Ecosystem Coverage |
|
|
| Stay up-to-date with active development branches, integration tutorials, and production stress tests: |
| * **Interactive Project Demo Walkthrough:** [Watch the Social Media Demo Video & Technical Explainer Post](#) *(Link updated post hackathon evaluation window)* |
|
|
| --- |
|
|
| ## π€ Project Contributors & Ecosystem Credits |
|
|
| Developed with β€οΈ during the Hugging Face Small Gradio Hackathon by: |
| * **KingNish** β [HuggingFace Profile](https://huggingface.co/KingNish) |
| * **Himanshu** β [HuggingFace Profile](https://huggingface.co/himanshu17HF) |
|
|
| --- |
|
|
| ## π Citations & Academic Attributions |
|
|
| ```bibtex |
| @misc{openmythos2026, |
| title = {openMythos: Defensive Security Code-Auditing Agent Interface via Qwen3.6 Context Preservation}, |
| author = {KingNish and Himanshu}, |
| year = {2026}, |
| howpublished = {Hugging Face Small Gradio Hackathon Project Suite} |
| } |
| |
| @misc{qwen3.6-27b, |
| title = {{Qwen3.6-27B}: Flagship-Level Coding in a {27B} Dense Model}, |
| author = {{Qwen Team}}, |
| month = {April}, |
| year = {2026}, |
| url = {[https://qwen.ai/blog?id=qwen3.6-27b](https://qwen.ai/blog?id=qwen3.6-27b)} |
| } |