--- title: SecureCodeEnv emoji: 🔐 colorFrom: blue colorTo: red sdk: docker pinned: true license: apache-2.0 --- # 🔐 SecureCodeEnv **RL environment for training LLM agents to write production-ready, secure Python code.** Built for the **Meta × HuggingFace OpenEnv Hackathon 2026** by [Vishal Dhakad](https://huggingface.co/vishaldhakad). --- ## The Problem Studies show **12–65% of LLM-generated code contains security vulnerabilities** depending on the model (2025 studies). Secure-pass@1 rates remain below 12% for all frontier models even when functional pass@1 exceeds 50%. Every existing RL environment trains agents to write code that **WORKS**. None train agents to write code that is **SAFE, CONSISTENT, and PRODUCTION-READY**. SecureCodeEnv fills that exact gap. --- ## What Makes This Unique ### 1. Behavioral Adversarial Attack Grading (Unfakeable) We don't just scan for patterns — we **fire real attacks** at the agent's code and monitor side effects: - **SQL injection** → spy on `sqlite3.Cursor.execute` at C-extension level - **Path traversal** → hook `builtins.open` via `sys.settrace` - **Shell injection** → replace `subprocess.run` + `os.system` before agent code loads - **JWT bypass** → check if alg:none tokens are accepted V1 checked return values (`if '..' not in result`). An agent could return a clean string while actually opening `../../etc/passwd`. **V2 checks what the code DOES, not what it returns.** ### 2. CodeGraph Memory System (Novel in RL) The agent receives a structured snapshot of everything it has already written this episode. The grader checks cross-file consistency: - Naming convention (snake_case vs camelCase) — 60% threshold, "mixed" state - Error handling style (try/except vs returns) - Import reuse (reuse existing modules, don't rewrite) **No other RL environment penalises style drift across files.** ### 3. 9 CWE-Grounded Tasks | # | Task | Difficulty | CWE | Primary Attack | |---|------|-----------|-----|----------------| | 1 | `password_validator` | Easy | CWE-916 | Weak hash acceptance | | 2 | `input_sanitizer` | Easy | CWE-20 | XSS payload pass-through | | 3 | `hash_generator` | Easy | CWE-327 | Shell invocation for hashing | | 4 | `sql_query_builder` | Medium | CWE-89 | SQL injection via cursor spy | | 5 | `file_path_handler` | Medium | CWE-22 | Path traversal via open() spy | | 6 | `api_rate_limiter` | Medium | CWE-307 | Rate bypass with spoofed client ID | | 7 | `file_upload_handler` | Hard | CWE-434 | Malicious file extension upload | | 8 | `jwt_validator` | Hard | CWE-347 | JWT alg:none bypass | | 9 | `auth_middleware` | Hard | CWE-287 | Shell-based auth + timing attack | ### 4. 8-Dimensional Reward System | Grader | Weight | Tool | Type | |--------|--------|------|------| | Correctness | 25% | Custom test runner | Functional | | Attack Resistance | 25% | Behavioral harness V2 | Security — unfakeable | | Static Security | 15% | bandit + semgrep | Security — static | | CodeGraph Consistency | 15% | tree-sitter + CodeGraph | Architectural | | Performance | 10% | timeit + tracemalloc | Efficiency | | Documentation | 5% | ast | Quality | | Code Structure | 3% | ast | Quality | | Supply Chain | 2% | pip-audit + typosquat | Security | --- ## API ```python import requests BASE = "https://vishaldhakad-securecodeenv.hf.space" # Start episode episode = requests.post(f"{BASE}/reset", json={"difficulty": "medium"}).json() sid = episode["session_id"] # Submit code result = requests.post(f"{BASE}/step", json={ "session_id": sid, "task_id": episode["task_id"], "filename": "solution.py", "code": your_secure_code, }).json() print(result["total_reward"]) # 0.0 – 1.0 print(result["feedback"]) # per-grader feedback print(result["codegraph"]) # updated codebase context ``` ### Endpoints | Endpoint | Method | Description | |----------|--------|-------------| | `/reset` | POST | Start new episode — returns task, CodeGraph, session_id | | `/step` | POST | Submit code — returns reward, feedback, updated CodeGraph | | `/state` | GET | Read current episode state | | `/health` | GET | Health check | | `/docs` | GET | Interactive Swagger UI | --- ## Action Space Python source code string (max 50KB). Filename used for CodeGraph tracking. ## Observation Space ```json { "total_reward": 0.84, "scores": { "correctness": 1.0, "attack_resist": 0.875, "static_security": 0.7, "consistency": 1.0, "performance": 0.8, "documentation": 0.5, "code_structure": 1.0, "supply_chain": 1.0 }, "feedback": { "correctness": "✅ Excellent (1.00) — 8/8 tests passed.", "attack_resist": "🟡 Good (0.88) — 7/8 attacks blocked." }, "codegraph": { "conventions": {}, "components": {} }, "done": false, "step_count": 2 } ``` --- ## Quick Start ```bash # Local dev docker build -t securecodeenv . docker run -p 7860:7860 -e REDIS_URL= securecodeenv # Run baseline inference API_BASE_URL=https://api.groq.com/openai/v1 \ MODEL_NAME=llama-3.3-70b-versatile \ HF_TOKEN= \ ENV_URL=http://localhost:7860 \ python inference.py # Pre-submission validation python validate.py ``` ## Environment Variables | Variable | Required | Description | |----------|----------|-------------| | `REDIS_URL` | Yes | Upstash Redis URL (`rediss://default:@.upstash.io:6379`) | | `API_BASE_URL` | For inference | LLM API base URL | | `MODEL_NAME` | For inference | Model name | | `HF_TOKEN` | For inference | HuggingFace token | --- ## Infrastructure (100% Free) | Component | Solution | Cost | |-----------|----------|------| | Compute | HuggingFace Spaces CPU (2 vCPU / 16GB) | ✅ $0 | | Containerisation | Docker | ✅ $0 | | Session persistence | Upstash Redis free tier | ✅ $0 | | Static analysis | bandit + semgrep | ✅ $0 | | Multi-language parsing | tree-sitter | ✅ $0 | | LLM for inference | Groq free tier | ✅ $0 | --- *SecureCodeEnv V2 — Built by Vishal Dhakad | Meta × HuggingFace OpenEnv Hackathon 2026 | Total infrastructure cost: $0.00*