Upload jailbreak detection model

MODEL_CARD.md

@@ -0,0 +1,53 @@
+
+# Jailbreak Detection Model
+
+## Model Description
+This model is fine-tuned to detect jailbreak attempts in LLM prompts. It classifies prompts as either BENIGN or JAILBREAK.
+
+**Base Model:** microsoft/deberta-v3-small
+**Training Dataset:** jackhhao/jailbreak-classification
+**Training Date:** 2025-10-16
+
+## Performance Metrics
+- **Accuracy:** 0.9962
+- **Precision:** 1.0000
+- **Recall:** 0.9928
+- **F1 Score:** 0.9964
+
+## Training Details
+- Learning Rate: 2e-05
+- Batch Size: 16
+- Epochs: 5
+- Max Length: 512
+- Class Weighting: True
+
+## Usage
+```python
+from transformers import pipeline
+
+classifier = pipeline("text-classification", model="./jailbreak_detector_production/final_model")
+result = classifier("Your prompt here")
+print(result)
+```
+
+## Labels
+- **BENIGN (0):** Safe, normal prompts
+- **JAILBREAK (1):** Potential jailbreak attempts
+
+## Label Mapping
+- Original dataset labels: "benign" -> 0, "jailbreak" -> 1
+
+## Limitations
+- Model may not detect novel jailbreak techniques
+- Performance depends on similarity to training data
+- Should be used as part of a layered security approach
+
+## Training Configuration
+{
+  "learning_rate": 2e-05,
+  "batch_size": 16,
+  "num_epochs": 5,
+  "max_length": 512,
+  "weight_decay": 0.01,
+  "warmup_ratio": 0.1
+}

added_tokens.json

@@ -0,0 +1,3 @@
+{
+  "[MASK]": 128000
+}

config.json

@@ -0,0 +1,46 @@
+{
+  "architectures": [
+    "DebertaV2ForSequenceClassification"
+  ],
+  "attention_probs_dropout_prob": 0.1,
+  "bos_token_id": 1,
+  "dtype": "float32",
+  "eos_token_id": 2,
+  "hidden_act": "gelu",
+  "hidden_dropout_prob": 0.1,
+  "hidden_size": 768,
+  "id2label": {
+    "0": "BENIGN",
+    "1": "JAILBREAK"
+  },
+  "initializer_range": 0.02,
+  "intermediate_size": 3072,
+  "label2id": {
+    "benign": 0,
+    "jailbreak": 1
+  },
+  "layer_norm_eps": 1e-07,
+  "legacy": true,
+  "max_position_embeddings": 512,
+  "max_relative_positions": -1,
+  "model_type": "deberta-v2",
+  "norm_rel_ebd": "layer_norm",
+  "num_attention_heads": 12,
+  "num_hidden_layers": 6,
+  "pad_token_id": 0,
+  "pooler_dropout": 0,
+  "pooler_hidden_act": "gelu",
+  "pooler_hidden_size": 768,
+  "pos_att_type": [
+    "p2c",
+    "c2p"
+  ],
+  "position_biased_input": false,
+  "position_buckets": 256,
+  "problem_type": "single_label_classification",
+  "relative_attention": true,
+  "share_att_key": true,
+  "transformers_version": "4.57.0",
+  "type_vocab_size": 0,
+  "vocab_size": 128100
+}

model.safetensors

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bb5c1e1ba9c2d4f288771d54820385a291c398149e030e9eb3c27d9d39ceb9ae
+size 567598552

special_tokens_map.json

@@ -0,0 +1,15 @@
+{
+  "bos_token": "[CLS]",
+  "cls_token": "[CLS]",
+  "eos_token": "[SEP]",
+  "mask_token": "[MASK]",
+  "pad_token": "[PAD]",
+  "sep_token": "[SEP]",
+  "unk_token": {
+    "content": "[UNK]",
+    "lstrip": false,
+    "normalized": true,
+    "rstrip": false,
+    "single_word": false
+  }
+}

spm.model

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c679fbf93643d19aab7ee10c0b99e460bdbc02fedf34b92b05af343b4af586fd
+size 2464616

tokenizer_config.json

@@ -0,0 +1,59 @@
+{
+  "added_tokens_decoder": {
+    "0": {
+      "content": "[PAD]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "1": {
+      "content": "[CLS]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "2": {
+      "content": "[SEP]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "3": {
+      "content": "[UNK]",
+      "lstrip": false,
+      "normalized": true,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "128000": {
+      "content": "[MASK]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    }
+  },
+  "bos_token": "[CLS]",
+  "clean_up_tokenization_spaces": false,
+  "cls_token": "[CLS]",
+  "do_lower_case": false,
+  "eos_token": "[SEP]",
+  "extra_special_tokens": {},
+  "mask_token": "[MASK]",
+  "model_max_length": 1000000000000000019884624838656,
+  "pad_token": "[PAD]",
+  "sep_token": "[SEP]",
+  "sp_model_kwargs": {},
+  "split_by_punct": false,
+  "tokenizer_class": "DebertaV2Tokenizer",
+  "unk_token": "[UNK]",
+  "vocab_type": "spm"
+}

training_args.bin

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3ba989156d12b86117c6b2417f2ddae532287cb3fbb267eb21ade37db045c49a
+size 5841

training_config.json

@@ -0,0 +1,33 @@
+{
+  "model_name": "microsoft/deberta-v3-small",
+  "dataset_name": "jackhhao/jailbreak-classification",
+  "training_date": "2025-10-16T04:55:51.702818",
+  "label_mapping": {
+    "label2id": {
+      "benign": 0,
+      "jailbreak": 1
+    },
+    "id2label": {
+      "0": "BENIGN",
+      "1": "JAILBREAK"
+    }
+  },
+  "hyperparameters": {
+    "learning_rate": 2e-05,
+    "batch_size": 16,
+    "num_epochs": 5,
+    "max_length": 512,
+    "weight_decay": 0.01,
+    "warmup_ratio": 0.1
+  },
+  "final_metrics": {
+    "accuracy": 0.9961832061068703,
+    "precision": 1.0,
+    "recall": 0.9928057553956835,
+    "f1": 0.9963898916967509
+  },
+  "class_weights": [
+    1.009671179883946,
+    0.9905123339658444
+  ]
+}