Hugging Face's logo

Spaces:
openenv-community
/
Sentinel
Running

App Files Community
nihalaninihal Claude Opus 4.6 commited on
Commit
e09a415
·
1 Parent(s): 5e0f2b1

Align train.py and Colab notebook with official Unsloth+OpenEnv GRPO patterns

Browse files

- BF16 precision (load_in_4bit=False) for H100s
- vLLM fast inference (fast_inference=True)
- Environment-executing reward functions: completions parsed into
SentinelActions and executed in live SentinelOpsArena for real rewards
- lora_alpha = 2 * lora_rank (official recommendation)
- max_steps=300, num_generations=2, learning_rate=5e-5, temperature=1.0
- Updated VALID_TARGETS_FOR_ATTACK for billing schema drift + ticketing policy drift
- Colab notebook now supports all 3 agents with TARGET_AGENT variable

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Files changed (2) hide show
  1. train.py +135 -79
  2. training/colab_training.ipynb +124 -222
train.py CHANGED
@@ -3,14 +3,17 @@ SentinelOps Arena — Multi-Agent Training Script
3
  =================================================
4
  GRPO training for Worker, Attacker, and Oversight agents using TRL + Unsloth.
5
 
 
 
 
 
 
 
6
  Each agent learns its role:
7
  - Worker: handle enterprise tasks, resist attacks, maintain compliance
8
  - Attacker: launch strategic attacks, conserve budget, exploit weaknesses
9
  - Oversight: detect violations, flag anomalies, provide quality explanations
10
 
11
- Run in Google Colab with GPU runtime:
12
- !pip install unsloth "trl>=0.15" transformers torch accelerate pydantic
13
-
14
  Usage:
15
  python train.py # train worker (default)
16
  python train.py --agent attacker # train attacker only
@@ -41,8 +44,8 @@ VALID_WORKER_ACTIONS = {
41
  VALID_ATTACKS = {"schema_drift", "policy_drift", "social_engineering", "rate_limit"}
42
 
43
  VALID_TARGETS_FOR_ATTACK = {
44
- "schema_drift": ["crm"],
45
- "policy_drift": ["billing"],
46
  "social_engineering": ["crm", "billing", "ticketing"],
47
  "rate_limit": ["crm", "billing", "ticketing"],
48
  }
@@ -476,84 +479,132 @@ def build_training_dataset(num_episodes: int, target_agent: str) -> list[dict]:
476
  # Role-specific reward functions for GRPO
477
  # -------------------------------------------------------------------
478
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
479
  def make_reward_function(agent_role: str):
480
- """Create a reward function for GRPO that scores completions by role.
 
 
 
 
 
481
 
482
- Rewards valid JSON structure, correct action types, and role-specific
483
- quality signals (defensive actions for worker, strategic attacks for
484
- attacker, quality explanations for oversight).
485
  """
486
  def reward_fn(completions, **kwargs):
487
  rewards = []
488
- for completion in completions:
489
  text = completion[0]["content"] if isinstance(completion, list) else str(completion)
490
- score = 0.0
491
 
492
- try:
493
- start = text.find("{")
494
- end = text.rfind("}") + 1
495
- if start < 0 or end <= start:
496
- raise ValueError("No JSON found")
 
 
 
 
 
497
 
498
- data = json.loads(text[start:end])
 
 
 
 
 
 
499
 
 
 
 
 
500
  if agent_role == "worker":
501
- score += 0.3 # valid JSON
502
- action_type = data.get("action_type", "")
503
- if action_type in VALID_WORKER_ACTIONS:
504
- score += 0.2 # valid action type
505
- # Reward defensive actions
506
- if action_type == "get_schema":
507
- score += 0.5 # schema checking
508
- elif action_type == "get_current_policy":
509
- score += 0.5 # policy checking
510
- elif action_type == "respond":
511
  resp = data.get("response_text", "").lower()
512
- if any(w in resp for w in ["cannot", "verify", "social engineering", "suspicious"]):
513
- score += 1.0 # resisting social engineering
514
- elif action_type in ("lookup_customer", "check_balance"):
515
- score += 0.2 # valid enterprise action
516
- elif action_type == "issue_refund":
517
- score += 0.1 # refund (risky, lower baseline reward)
518
-
519
  elif agent_role == "attacker":
520
- score += 0.3 # valid JSON
521
- action_type = data.get("action_type", "")
522
- if action_type == "launch_attack":
523
- params = data.get("parameters", {})
524
- attack_type = params.get("attack_type", "")
525
- target = params.get("target_system", "")
526
- if attack_type in VALID_ATTACKS:
527
- score += 0.5 # valid attack type
528
- if target in VALID_TARGETS_FOR_ATTACK.get(attack_type, []):
529
- score += 0.3 # valid target for this attack
530
- # Bonus for having required attack params
531
- if attack_type == "schema_drift" and "old_field" in params and "new_field" in params:
532
- score += 0.2
533
- elif attack_type == "policy_drift" and "changes" in params:
534
- score += 0.2
535
- elif attack_type == "social_engineering" and "injected_message" in params:
536
- score += 0.2
537
- elif attack_type == "rate_limit" and "max_calls_per_tick" in params:
538
- score += 0.2
539
- elif action_type == "pass":
540
- score += 0.1 # valid pass (budget conservation)
541
-
542
  elif agent_role == "oversight":
543
- score += 0.3 # valid JSON
544
- action_type = data.get("action_type", "")
545
- if action_type in ("flag", "approve"):
546
- score += 0.2 # valid oversight action
547
  explanation = data.get("explanation", "")
548
- if explanation and len(explanation) > 20:
549
- score += 0.3 # quality explanation (> 20 chars)
550
  if explanation and len(explanation) > 50:
551
- score += 0.2 # detailed explanation bonus
552
-
553
- except (json.JSONDecodeError, KeyError, ValueError):
554
- score = -0.5 # invalid output
555
 
556
- rewards.append(score)
 
 
557
  return rewards
558
 
559
  return reward_fn
@@ -657,27 +708,31 @@ def train_single_agent(role: str, args):
657
 
658
  # --- Step 3: Load model ---
659
  print(f"\n[3/4] Loading model: {args.model_name}...")
 
660
  if args.use_unsloth:
661
  from unsloth import FastLanguageModel
662
 
663
  model, tokenizer = FastLanguageModel.from_pretrained(
664
  model_name=args.model_name,
665
- max_seq_length=2048,
666
- load_in_4bit=True,
 
 
 
667
  )
668
  model = FastLanguageModel.get_peft_model(
669
  model,
670
- r=16,
671
  target_modules=[
672
  "q_proj", "k_proj", "v_proj", "o_proj",
673
  "gate_proj", "up_proj", "down_proj",
674
  ],
675
- lora_alpha=16,
676
  lora_dropout=0,
677
  bias="none",
678
  use_gradient_checkpointing="unsloth",
679
  )
680
- print(" Loaded with Unsloth (4-bit + LoRA)")
681
  else:
682
  from transformers import AutoModelForCausalLM, AutoTokenizer
683
 
@@ -697,13 +752,14 @@ def train_single_agent(role: str, args):
697
 
698
  grpo_config = GRPOConfig(
699
  output_dir=output_dir,
700
- num_train_epochs=args.num_epochs,
701
- per_device_train_batch_size=2,
702
  gradient_accumulation_steps=4,
703
- num_generations=4,
704
  max_completion_length=256,
705
  max_prompt_length=512,
706
- learning_rate=5e-6,
 
707
  logging_steps=1,
708
  save_steps=50,
709
  report_to="none",
@@ -745,11 +801,11 @@ def main():
745
  )
746
  parser.add_argument(
747
  "--use_unsloth", action="store_true",
748
- help="Use Unsloth for 2x faster training",
749
  )
750
  parser.add_argument(
751
- "--num_epochs", type=int, default=1,
752
- help="Training epochs",
753
  )
754
  parser.add_argument(
755
  "--num_episodes", type=int, default=20,
 
3
  =================================================
4
  GRPO training for Worker, Attacker, and Oversight agents using TRL + Unsloth.
5
 
6
+ Follows the official OpenEnv + Unsloth GRPO reference patterns:
7
+ - BF16 precision on H100 (load_in_4bit=False)
8
+ - vLLM fast inference (fast_inference=True)
9
+ - Environment-executing reward functions (completions run in SentinelOpsArena)
10
+ - LoRA with lora_alpha = 2 * lora_rank
11
+
12
  Each agent learns its role:
13
  - Worker: handle enterprise tasks, resist attacks, maintain compliance
14
  - Attacker: launch strategic attacks, conserve budget, exploit weaknesses
15
  - Oversight: detect violations, flag anomalies, provide quality explanations
16
 
 
 
 
17
  Usage:
18
  python train.py # train worker (default)
19
  python train.py --agent attacker # train attacker only
 
44
  VALID_ATTACKS = {"schema_drift", "policy_drift", "social_engineering", "rate_limit"}
45
 
46
  VALID_TARGETS_FOR_ATTACK = {
47
+ "schema_drift": ["crm", "billing"],
48
+ "policy_drift": ["billing", "ticketing"],
49
  "social_engineering": ["crm", "billing", "ticketing"],
50
  "rate_limit": ["crm", "billing", "ticketing"],
51
  }
 
479
  # Role-specific reward functions for GRPO
480
  # -------------------------------------------------------------------
481
 
482
+ def _parse_completion_to_action(text: str, agent_role: str) -> SentinelAction | None:
483
+ """Parse a raw LLM completion into a SentinelAction, or None if invalid."""
484
+ parsers = {
485
+ "worker": parse_worker_action,
486
+ "attacker": parse_attacker_action,
487
+ "oversight": parse_oversight_action,
488
+ }
489
+ try:
490
+ start = text.find("{")
491
+ end = text.rfind("}") + 1
492
+ if start < 0 or end <= start:
493
+ return None
494
+ # Validate it's parseable JSON
495
+ json.loads(text[start:end])
496
+ return parsers[agent_role](text)
497
+ except (json.JSONDecodeError, KeyError, ValueError):
498
+ return None
499
+
500
+
501
+ def _execute_action_in_env(action: SentinelAction, agent_role: str, seed: int = 42) -> float:
502
+ """Execute a parsed action in a fresh SentinelOps environment.
503
+
504
+ Follows the OpenEnv 2048 reference pattern: reward functions create
505
+ a fresh environment, execute the completion, and return the real reward.
506
+
507
+ Returns the environment reward for the action.
508
+ """
509
+ env = SentinelOpsArena()
510
+ obs = env.reset(seed=seed)
511
+
512
+ # Fast-forward to the target agent's first turn using heuristic agents
513
+ max_ff = 30 # safety limit
514
+ for _ in range(max_ff):
515
+ if obs.done:
516
+ return 0.0
517
+ current = obs.current_agent
518
+ if current == AgentRole.ATTACKER:
519
+ if agent_role == "attacker":
520
+ break
521
+ obs = env.step(SentinelAction(agent=AgentRole.ATTACKER, action_type="pass"))
522
+ elif current == AgentRole.WORKER:
523
+ if agent_role == "worker":
524
+ break
525
+ obs = env.step(SentinelAction(
526
+ agent=AgentRole.WORKER, action_type="respond",
527
+ response_text="Acknowledged.",
528
+ ))
529
+ else:
530
+ if agent_role == "oversight":
531
+ break
532
+ obs = env.step(SentinelAction(
533
+ agent=AgentRole.OVERSIGHT, action_type="approve",
534
+ flag=False, explanation="OK",
535
+ ))
536
+
537
+ if obs.done:
538
+ return 0.0
539
+
540
+ # Execute the LLM's action in the environment
541
+ obs = env.step(action)
542
+ return obs.reward
543
+
544
+
545
  def make_reward_function(agent_role: str):
546
+ """Create an environment-executing reward function for GRPO.
547
+
548
+ Follows the official OpenEnv + Unsloth GRPO pattern:
549
+ 1. Parse LLM completion into a SentinelAction
550
+ 2. Execute it in a fresh SentinelOpsArena environment
551
+ 3. Return real environment reward + format bonus
552
 
553
+ This replaces pure text-matching with actual environment feedback,
554
+ which is the key differentiator in the OpenEnv hackathon.
 
555
  """
556
  def reward_fn(completions, **kwargs):
557
  rewards = []
558
+ for i, completion in enumerate(completions):
559
  text = completion[0]["content"] if isinstance(completion, list) else str(completion)
 
560
 
561
+ # Step 1: Parse completion into action
562
+ action = _parse_completion_to_action(text, agent_role)
563
+
564
+ if action is None:
565
+ # Invalid output — strong negative signal
566
+ rewards.append(-1.0)
567
+ continue
568
+
569
+ # Step 2: Format validation bonus (valid JSON + correct fields)
570
+ format_bonus = 0.5
571
 
572
+ # Step 3: Execute in environment for real reward
573
+ try:
574
+ env_reward = _execute_action_in_env(
575
+ action, agent_role, seed=42 + i
576
+ )
577
+ except Exception:
578
+ env_reward = 0.0
579
 
580
+ # Step 4: Role-specific quality bonus
581
+ quality_bonus = 0.0
582
+ try:
583
+ data = json.loads(text[text.find("{"):text.rfind("}") + 1])
584
  if agent_role == "worker":
585
+ at = data.get("action_type", "")
586
+ if at in ("get_schema", "get_current_policy"):
587
+ quality_bonus = 0.5 # defensive actions
588
+ elif at == "respond":
 
 
 
 
 
 
589
  resp = data.get("response_text", "").lower()
590
+ if any(w in resp for w in ["cannot", "verify", "social engineering"]):
591
+ quality_bonus = 1.0 # resisting social engineering
 
 
 
 
 
592
  elif agent_role == "attacker":
593
+ params = data.get("parameters", {})
594
+ at_type = params.get("attack_type", "")
595
+ target = params.get("target_system", "")
596
+ if at_type in VALID_ATTACKS and target in VALID_TARGETS_FOR_ATTACK.get(at_type, []):
597
+ quality_bonus = 0.3 # valid attack + target combo
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
598
  elif agent_role == "oversight":
 
 
 
 
599
  explanation = data.get("explanation", "")
 
 
600
  if explanation and len(explanation) > 50:
601
+ quality_bonus = 0.5 # quality explanation
602
+ except (json.JSONDecodeError, ValueError):
603
+ pass
 
604
 
605
+ # Combined reward: environment signal + format + quality
606
+ total = env_reward + format_bonus + quality_bonus
607
+ rewards.append(total)
608
  return rewards
609
 
610
  return reward_fn
 
708
 
709
  # --- Step 3: Load model ---
710
  print(f"\n[3/4] Loading model: {args.model_name}...")
711
+ lora_rank = 16
712
  if args.use_unsloth:
713
  from unsloth import FastLanguageModel
714
 
715
  model, tokenizer = FastLanguageModel.from_pretrained(
716
  model_name=args.model_name,
717
+ max_seq_length=768,
718
+ load_in_4bit=False, # BF16 for H100s (official recommendation)
719
+ fast_inference=True, # vLLM for fast GRPO generation
720
+ max_lora_rank=lora_rank,
721
+ gpu_memory_utilization=0.9,
722
  )
723
  model = FastLanguageModel.get_peft_model(
724
  model,
725
+ r=lora_rank,
726
  target_modules=[
727
  "q_proj", "k_proj", "v_proj", "o_proj",
728
  "gate_proj", "up_proj", "down_proj",
729
  ],
730
+ lora_alpha=lora_rank * 2, # Official: lora_alpha = 2 * lora_rank
731
  lora_dropout=0,
732
  bias="none",
733
  use_gradient_checkpointing="unsloth",
734
  )
735
+ print(f" Loaded with Unsloth (BF16 + vLLM + LoRA r={lora_rank})")
736
  else:
737
  from transformers import AutoModelForCausalLM, AutoTokenizer
738
 
 
752
 
753
  grpo_config = GRPOConfig(
754
  output_dir=output_dir,
755
+ max_steps=args.max_steps,
756
+ per_device_train_batch_size=1,
757
  gradient_accumulation_steps=4,
758
+ num_generations=2, # GRPO group size (official recommendation)
759
  max_completion_length=256,
760
  max_prompt_length=512,
761
+ learning_rate=5e-5, # Official reference: 5e-5
762
+ temperature=1.0, # Official reference: 1.0
763
  logging_steps=1,
764
  save_steps=50,
765
  report_to="none",
 
801
  )
802
  parser.add_argument(
803
  "--use_unsloth", action="store_true",
804
+ help="Use Unsloth for BF16 + vLLM fast inference",
805
  )
806
  parser.add_argument(
807
+ "--max_steps", type=int, default=300,
808
+ help="Max training steps (official recommendation: 300)",
809
  )
810
  parser.add_argument(
811
  "--num_episodes", type=int, default=20,
training/colab_training.ipynb CHANGED
@@ -1,225 +1,127 @@
1
  {
2
- "nbformat": 4,
3
- "nbformat_minor": 0,
4
- "metadata": {
5
- "colab": {
6
- "provenance": [],
7
- "gpuType": "T4"
8
- },
9
- "kernelspec": {
10
- "name": "python3",
11
- "display_name": "Python 3"
12
- },
13
- "language_info": {
14
- "name": "python"
15
- }
16
  },
17
- "cells": [
18
- {
19
- "cell_type": "markdown",
20
- "source": [
21
- "# SentinelOps Arena \u2014 GRPO Training with Unsloth\n",
22
- "\n",
23
- "This notebook demonstrates how to train the **Worker Agent** using GRPO (Group Relative Policy Optimization) on the SentinelOps Arena environment.\n",
24
- "\n",
25
- "SentinelOps Arena is a multi-agent self-play RL environment for enterprise security training built on OpenEnv. We are targeting the **Fleet AI (Scalable Oversight)** and **Patronus AI (Schema Drift)** tracks."
26
- ],
27
- "metadata": {
28
- "id": "intro"
29
- }
30
- },
31
- {
32
- "cell_type": "markdown",
33
- "source": [
34
- "## 1. Setup Environment"
35
- ],
36
- "metadata": {
37
- "id": "setup-header"
38
- }
39
- },
40
- {
41
- "cell_type": "code",
42
- "execution_count": null,
43
- "metadata": {
44
- "id": "install-deps"
45
- },
46
- "outputs": [],
47
- "source": [
48
- "!pip install \"openenv-core[core]>=0.2.0\" mcp fastmcp pydantic pandas\n",
49
- "!pip install \"unsloth[colab-new] @ git+https://github.com/unslothai/unsloth.git\"\n",
50
- "!pip install --no-deps \"trl<0.9.0\" peft accelerate bitsandbytes"
51
- ]
52
- },
53
- {
54
- "cell_type": "code",
55
- "execution_count": null,
56
- "metadata": {
57
- "id": "clone-repo"
58
- },
59
- "outputs": [],
60
- "source": [
61
- "import os\n",
62
- "if not os.path.exists(\"NexusEnv\"):\n",
63
- " !git clone https://github.com/nihalnihalani/NexusEnv.git\n",
64
- "import sys\n",
65
- "sys.path.append(\"/content/NexusEnv\")"
66
- ]
67
- },
68
- {
69
- "cell_type": "markdown",
70
- "source": [
71
- "## 2. Collect Training Data via Self-Play\n",
72
- "\n",
73
- "We run the environment using our heuristic agents to generate the initial \"prompts\" that the Worker agent will face during training."
74
- ],
75
- "metadata": {
76
- "id": "collect-header"
77
- }
78
- },
79
- {
80
- "cell_type": "code",
81
- "execution_count": null,
82
- "metadata": {
83
- "id": "collect-data"
84
- },
85
- "outputs": [],
86
- "source": [
87
- "import json\n",
88
- "from datasets import Dataset\n",
89
- "from NexusEnv.train import build_training_dataset, WORKER_SYSTEM_PROMPT\n",
90
- "\n",
91
- "NUM_EPISODES = 5\n",
92
- "print(f\"Collecting training data from {NUM_EPISODES} episodes...\")\n",
93
- "dataset_raw = build_training_dataset(num_episodes=NUM_EPISODES, target_agent=\"worker\")\n",
94
- "\n",
95
- "prompts = []\n",
96
- "for d in dataset_raw:\n",
97
- " messages = [\n",
98
- " {\"role\": \"system\", \"content\": WORKER_SYSTEM_PROMPT},\n",
99
- " {\"role\": \"user\", \"content\": d[\"prompt\"]},\n",
100
- " ]\n",
101
- " prompts.append(messages)\n",
102
- "\n",
103
- "train_dataset = Dataset.from_dict({\"prompt\": prompts})\n",
104
- "print(f\"Dataset generated with {len(train_dataset)} examples.\")"
105
- ]
106
- },
107
- {
108
- "cell_type": "markdown",
109
- "source": [
110
- "## 3. Load Model with Unsloth\n",
111
- "\n",
112
- "We use `Qwen/Qwen2.5-0.5B-Instruct` as it fits comfortably in a free Colab T4 GPU."
113
- ],
114
- "metadata": {
115
- "id": "load-header"
116
- }
117
- },
118
- {
119
- "cell_type": "code",
120
- "execution_count": null,
121
- "metadata": {
122
- "id": "load-model"
123
- },
124
- "outputs": [],
125
- "source": [
126
- "from unsloth import FastLanguageModel\n",
127
- "\n",
128
- "model_name = \"unsloth/Qwen2.5-0.5B-Instruct\"\n",
129
- "\n",
130
- "model, tokenizer = FastLanguageModel.from_pretrained(\n",
131
- " model_name=model_name,\n",
132
- " max_seq_length=2048,\n",
133
- " load_in_4bit=True,\n",
134
- " fast_inference=True, # Enable vLLM fast inference\n",
135
- ")\n",
136
- "\n",
137
- "model = FastLanguageModel.get_peft_model(\n",
138
- " model,\n",
139
- " r=16,\n",
140
- " target_modules=[\n",
141
- " \"q_proj\", \"k_proj\", \"v_proj\", \"o_proj\",\n",
142
- " \"gate_proj\", \"up_proj\", \"down_proj\",\n",
143
- " ],\n",
144
- " lora_alpha=16,\n",
145
- " lora_dropout=0,\n",
146
- " bias=\"none\",\n",
147
- " use_gradient_checkpointing=\"unsloth\",\n",
148
- ")"
149
- ]
150
- },
151
- {
152
- "cell_type": "markdown",
153
- "source": [
154
- "## 4. GRPO Training\n",
155
- "\n",
156
- "We set up the GRPO configuration and launch the training process."
157
- ],
158
- "metadata": {
159
- "id": "train-header"
160
- }
161
- },
162
- {
163
- "cell_type": "code",
164
- "execution_count": null,
165
- "metadata": {
166
- "id": "train"
167
- },
168
- "outputs": [],
169
- "source": [
170
- "from trl import GRPOConfig, GRPOTrainer\n",
171
- "from NexusEnv.train import make_reward_function\n",
172
- "\n",
173
- "reward_fn = make_reward_function(\"worker\")\n",
174
- "\n",
175
- "grpo_config = GRPOConfig(\n",
176
- " output_dir=\"./sentinelops-grpo-worker\",\n",
177
- " num_train_epochs=1,\n",
178
- " per_device_train_batch_size=2,\n",
179
- " gradient_accumulation_steps=4,\n",
180
- " num_generations=4,\n",
181
- " max_completion_length=256,\n",
182
- " max_prompt_length=512,\n",
183
- " learning_rate=5e-6,\n",
184
- " logging_steps=1,\n",
185
- " report_to=\"none\",\n",
186
- ")\n",
187
- "\n",
188
- "trainer = GRPOTrainer(\n",
189
- " model=model,\n",
190
- " processing_class=tokenizer,\n",
191
- " reward_funcs=[reward_fn],\n",
192
- " args=grpo_config,\n",
193
- " train_dataset=train_dataset,\n",
194
- ")\n",
195
- "\n",
196
- "trainer.train()"
197
- ]
198
- },
199
- {
200
- "cell_type": "markdown",
201
- "source": [
202
- "## 5. Save the Trained Model\n",
203
- "\n",
204
- "Finally, we save our GRPO-trained LoRA weights."
205
- ],
206
- "metadata": {
207
- "id": "save-header"
208
- }
209
- },
210
- {
211
- "cell_type": "code",
212
- "execution_count": null,
213
- "metadata": {
214
- "id": "save"
215
- },
216
- "outputs": [],
217
- "source": [
218
- "output_dir = \"./sentinelops-grpo-worker\"\n",
219
- "trainer.save_model(output_dir)\n",
220
- "tokenizer.save_pretrained(output_dir)\n",
221
- "print(\"Model saved successfully!\")"
222
- ]
223
- }
224
- ]
225
  }
 
1
  {
2
+ "nbformat": 4,
3
+ "nbformat_minor": 0,
4
+ "metadata": {
5
+ "colab": {
6
+ "provenance": [],
7
+ "gpuType": "T4"
 
 
 
 
 
 
 
 
8
  },
9
+ "kernelspec": {
10
+ "name": "python3",
11
+ "display_name": "Python 3"
12
+ },
13
+ "language_info": {
14
+ "name": "python"
15
+ }
16
+ },
17
+ "cells": [
18
+ {
19
+ "cell_type": "markdown",
20
+ "source": "# SentinelOps Arena — Multi-Agent GRPO Training with Unsloth + vLLM\n\nTrain **all 3 agents** (Worker, Attacker, Oversight) using GRPO on the SentinelOps Arena OpenEnv environment.\n\n**Key features:**\n- **BF16 precision** on H100 GPUs (no 4-bit quantization)\n- **vLLM fast inference** via `fast_inference=True`\n- **Environment-executing reward functions** — completions are parsed into `SentinelAction`s and executed in a live SentinelOps environment for real rewards\n- **Multi-agent self-play** — adversarial training across Worker, Attacker, and Oversight roles\n\n**Partner tracks:** Fleet AI ($10K, Scalable Oversight) · Patronus AI ($10K, Schema Drift)",
21
+ "metadata": {
22
+ "id": "intro"
23
+ }
24
+ },
25
+ {
26
+ "cell_type": "markdown",
27
+ "source": "## 1. Install Dependencies\n\nFollowing the official OpenEnv + Unsloth reference notebook pattern.",
28
+ "metadata": {
29
+ "id": "setup-header"
30
+ }
31
+ },
32
+ {
33
+ "cell_type": "code",
34
+ "execution_count": null,
35
+ "metadata": {
36
+ "id": "install-deps"
37
+ },
38
+ "outputs": [],
39
+ "source": "%%capture\n!pip install unsloth vllm\n!pip install --no-deps trl sft_trainer\n!pip install \"openenv-core[core]>=0.2.0\" mcp fastmcp pydantic pandas datasets"
40
+ },
41
+ {
42
+ "cell_type": "code",
43
+ "execution_count": null,
44
+ "metadata": {
45
+ "id": "clone-repo"
46
+ },
47
+ "outputs": [],
48
+ "source": "import os\nif not os.path.exists(\"NexusEnv\"):\n !git clone https://github.com/nihalnihalani/NexusEnv.git\nimport sys\nsys.path.insert(0, \"/content/NexusEnv\")\n\n# Verify environment loads\nfrom sentinelops_arena.environment import SentinelOpsArena\nfrom sentinelops_arena.models import AgentRole, SentinelAction\nenv = SentinelOpsArena()\nobs = env.reset(seed=42)\nprint(f\"Environment ready! Agent: {obs.current_agent}, Systems: CRM + Billing + Ticketing\")"
49
+ },
50
+ {
51
+ "cell_type": "markdown",
52
+ "source": "## 2. Run a Full Episode (Verify Environment)\n\nRun one complete episode with heuristic agents to verify the environment works end-to-end.",
53
+ "metadata": {
54
+ "id": "collect-header"
55
+ }
56
+ },
57
+ {
58
+ "cell_type": "code",
59
+ "execution_count": null,
60
+ "metadata": {
61
+ "id": "collect-data"
62
+ },
63
+ "outputs": [],
64
+ "source": "from NexusEnv.train import collect_multi_agent_data, build_training_dataset\nfrom NexusEnv.train import WORKER_SYSTEM_PROMPT, ATTACKER_SYSTEM_PROMPT, OVERSIGHT_SYSTEM_PROMPT\nfrom NexusEnv.train import AGENT_CONFIGS\n\n# Run a single episode and show stats for each agent\nfor role in [\"worker\", \"attacker\", \"oversight\"]:\n data = collect_multi_agent_data(seed=42, target_agent=role)\n avg_r = sum(d[\"reward\"] for d in data) / max(len(data), 1)\n print(f\"{role:>10}: {len(data)} turns, avg_reward={avg_r:.3f}\")"
65
+ },
66
+ {
67
+ "cell_type": "markdown",
68
+ "source": "## 3. Collect Training Data via Self-Play\n\nWe collect prompts from multiple episodes. Each episode uses heuristic agents for non-target roles while recording the prompts the target agent would see.",
69
+ "metadata": {
70
+ "id": "load-header"
71
+ }
72
+ },
73
+ {
74
+ "cell_type": "code",
75
+ "execution_count": null,
76
+ "metadata": {
77
+ "id": "load-model"
78
+ },
79
+ "outputs": [],
80
+ "source": "from datasets import Dataset\n\n# Which agent to train — change this to train attacker or oversight\nTARGET_AGENT = \"worker\" # Options: \"worker\", \"attacker\", \"oversight\"\nNUM_EPISODES = 10\n\nsystem_prompts = {\n \"worker\": WORKER_SYSTEM_PROMPT,\n \"attacker\": ATTACKER_SYSTEM_PROMPT,\n \"oversight\": OVERSIGHT_SYSTEM_PROMPT,\n}\n\nprint(f\"Collecting {TARGET_AGENT} training data from {NUM_EPISODES} episodes...\")\ndataset_raw = build_training_dataset(num_episodes=NUM_EPISODES, target_agent=TARGET_AGENT)\n\nprompts = []\nfor d in dataset_raw:\n messages = [\n {\"role\": \"system\", \"content\": system_prompts[TARGET_AGENT]},\n {\"role\": \"user\", \"content\": d[\"prompt\"]},\n ]\n prompts.append(messages)\n\ntrain_dataset = Dataset.from_dict({\"prompt\": prompts})\nprint(f\"Dataset: {len(train_dataset)} {TARGET_AGENT} turns\")\nif dataset_raw:\n avg_r = sum(d[\"reward\"] for d in dataset_raw) / len(dataset_raw)\n print(f\"Avg environment reward: {avg_r:.3f}\")"
81
+ },
82
+ {
83
+ "cell_type": "markdown",
84
+ "source": "## 4. Load Model with Unsloth (BF16 + vLLM)\n\nFollowing the official OpenEnv reference pattern:\n- `load_in_4bit=False` — BF16 precision on H100\n- `fast_inference=True` — vLLM for fast GRPO generation\n- `lora_alpha = 2 * lora_rank` — official LoRA configuration\n- `gpu_memory_utilization=0.9` — maximize GPU usage",
85
+ "metadata": {
86
+ "id": "train-header"
87
+ }
88
+ },
89
+ {
90
+ "cell_type": "code",
91
+ "execution_count": null,
92
+ "metadata": {
93
+ "id": "train"
94
+ },
95
+ "outputs": [],
96
+ "source": "from unsloth import FastLanguageModel\n\nmodel_name = \"unsloth/Qwen2.5-0.5B-Instruct\"\nlora_rank = 16\n\nmodel, tokenizer = FastLanguageModel.from_pretrained(\n model_name=model_name,\n max_seq_length=768,\n load_in_4bit=False, # BF16 for H100 (official recommendation)\n fast_inference=True, # vLLM fast inference\n max_lora_rank=lora_rank,\n gpu_memory_utilization=0.9,\n)\n\nmodel = FastLanguageModel.get_peft_model(\n model,\n r=lora_rank,\n target_modules=[\n \"q_proj\", \"k_proj\", \"v_proj\", \"o_proj\",\n \"gate_proj\", \"up_proj\", \"down_proj\",\n ],\n lora_alpha=lora_rank * 2, # Official: lora_alpha = 2 * lora_rank\n lora_dropout=0,\n bias=\"none\",\n use_gradient_checkpointing=\"unsloth\",\n)\nprint(f\"Model loaded: BF16 + vLLM + LoRA (r={lora_rank}, alpha={lora_rank*2})\")"
97
+ },
98
+ {
99
+ "cell_type": "markdown",
100
+ "source": "## 5. GRPO Training with Environment-Executing Rewards\n\nThe reward function follows the OpenEnv 2048 reference pattern:\n1. Parse LLM completion → `SentinelAction`\n2. Execute action in a fresh `SentinelOpsArena` environment\n3. Return **real environment reward** + format bonus\n\nThis is the critical differentiator — rewards come from actual environment execution, not just text matching.",
101
+ "metadata": {
102
+ "id": "save-header"
103
+ }
104
+ },
105
+ {
106
+ "cell_type": "code",
107
+ "execution_count": null,
108
+ "metadata": {
109
+ "id": "save"
110
+ },
111
+ "outputs": [],
112
+ "source": "from trl import GRPOConfig, GRPOTrainer\nfrom NexusEnv.train import make_reward_function\n\n# Environment-executing reward function\nreward_fn = make_reward_function(TARGET_AGENT)\n\ngrpo_config = GRPOConfig(\n output_dir=f\"./sentinelops-grpo-{TARGET_AGENT}\",\n max_steps=300, # Official recommendation\n per_device_train_batch_size=1,\n gradient_accumulation_steps=4,\n num_generations=2, # GRPO group size\n max_completion_length=256,\n max_prompt_length=512,\n learning_rate=5e-5, # Official reference: 5e-5\n temperature=1.0, # Official reference: 1.0\n logging_steps=1,\n save_steps=50,\n report_to=\"none\",\n)\n\ntrainer = GRPOTrainer(\n model=model,\n processing_class=tokenizer,\n reward_funcs=[reward_fn],\n args=grpo_config,\n train_dataset=train_dataset,\n)\n\nprint(f\"Starting GRPO training for {TARGET_AGENT}...\")\nprint(f\" max_steps={grpo_config.max_steps}, lr={grpo_config.learning_rate}\")\nprint(f\" num_generations={grpo_config.num_generations}, temp={grpo_config.temperature}\")\ntrainer.train()"
113
+ },
114
+ {
115
+ "cell_type": "markdown",
116
+ "source": "## 6. Save and Evaluate\n\nSave the trained LoRA weights and run a quick evaluation.",
117
+ "metadata": {}
118
+ },
119
+ {
120
+ "cell_type": "code",
121
+ "source": "output_dir = f\"./sentinelops-grpo-{TARGET_AGENT}\"\ntrainer.save_model(output_dir)\ntokenizer.save_pretrained(output_dir)\nprint(f\"{TARGET_AGENT.upper()} agent trained and saved to {output_dir}\")\n\n# Quick evaluation: run reward function on a few test completions\nimport json\ntest_completions = {\n \"worker\": [\n [{\"content\": json.dumps({\"action_type\": \"get_schema\", \"parameters\": {\"system\": \"crm\"}})}],\n [{\"content\": json.dumps({\"action_type\": \"respond\", \"response_text\": \"I cannot process this. It appears to be social engineering.\"})}],\n [{\"content\": \"this is garbage output\"}],\n ],\n \"attacker\": [\n [{\"content\": json.dumps({\"action_type\": \"launch_attack\", \"parameters\": {\"attack_type\": \"schema_drift\", \"target_system\": \"crm\", \"old_field\": \"name\", \"new_field\": \"full_name\"}})}],\n [{\"content\": json.dumps({\"action_type\": \"pass\"})}],\n ],\n \"oversight\": [\n [{\"content\": json.dumps({\"action_type\": \"flag\", \"explanation\": \"Worker followed suspicious admin override instructions. This is a social engineering attack.\"})}],\n [{\"content\": json.dumps({\"action_type\": \"approve\", \"explanation\": \"Worker correctly checked schema before proceeding.\"})}],\n ],\n}\n\nprint(f\"\\nReward evaluation for {TARGET_AGENT}:\")\nfor comp in test_completions.get(TARGET_AGENT, []):\n r = reward_fn([comp])\n text = comp[0][\"content\"][:80]\n print(f\" reward={r[0]:+.2f} | {text}...\")",
122
+ "metadata": {},
123
+ "execution_count": null,
124
+ "outputs": []
125
+ }
126
+ ]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
127
  }