vitorallo's picture
Add securereview-coder-32B FP8 (compressed-tensors FP8_DYNAMIC) + model card
d0c0f9c verified
|
Raw
History Blame Contribute Delete
4.44 kB
---
license: apache-2.0
base_model: Qwen/Qwen2.5-Coder-32B-Instruct
tags:
- security
- code-review
- sast
- vulnerability-detection
- qwen2.5-coder
- fp8
language:
- en
pipeline_tag: text-generation
library_name: transformers
---
# securereview-coder-32B (FP8)
A security-focused fine-tune of **Qwen2.5-Coder-32B-Instruct**, quantized to **FP8** for
efficient, near-lossless inference. It performs **function-level security code review**,
emitting structured JSON findings (category, CWE, severity, line, recommendation) for use
in automated SAST pipelines.
This is the model that powers the **Foil** code-review engine. It is trained to read a
function (plus light call-graph context and a short list of candidate security rules) and
report real, exploitable vulnerabilities.
> **Base model & license.** Derived from
> [`Qwen/Qwen2.5-Coder-32B-Instruct`](https://huggingface.co/Qwen/Qwen2.5-Coder-32B-Instruct),
> licensed under **Apache 2.0**. This derivative is released under Apache 2.0; see `NOTICE`
> for attribution. No Qwen-restricted weights are included.
## Intended use
- Automated security code review / SAST as part of a scanner that supplies per-function
context and a candidate rule set.
- Languages: Python, JavaScript/TypeScript, Java, Go, Ruby, PHP, C#, and C/C++
(memory-safety classes).
**Out of scope:** standalone chat, non-security code tasks, dependency-CVE (SCA) analysis,
and runtime/config issues that are not visible in source.
## Vulnerability classes detected
Injection (SQL, command, code/`eval`), insecure deserialization (RCE), path traversal,
SSRF, XXE, XSS, open redirect, broken access control, IDOR / broken object-level
authorization (BOLA), broken authentication (incl. weak password-reset tokens), CSRF,
sensitive-data exposure, and C/C++ memory-safety (buffer overflow, UAF, integer overflow).
## Evaluation
Held-out test set (1,887 examples, served FP8 via vLLM):
| Metric | Value |
|---|---:|
| Precision | 41.0% |
| Recall | 40.9% |
| F1 | 40.9% |
| False-positive rate (clean code) | **0.7%** |
| JSON-schema compliance | 98.8% |
The **very low false-positive rate (0.7%)** is the headline characteristic β€” the model is
calibrated to stay quiet on clean code rather than over-flag, which is what makes it usable
in an automated pipeline. Recall (~41%) is per-function single-pass; scanner-level recall is
higher because functions are reviewed with call-graph context and candidate rules.
Per-language recall (test set): C# 65%, Rust 53%, Ruby 52%, JS 45%, Python 44%, Java 43%,
TypeScript 42%, Go 40%, C++ 39%, C 32%.
Qualitative check with the Foil scanner against **DVNA** (OWASP Top-10 reference app): the
model identified the documented data-flow and access-control vulns β€” SQL/command/code
injection, XXE (RCE), insecure deserialization (RCE), broken access control, IDOR/BOLA
(with ownership-fix reasoning), the A2 MD5-of-login reset-token logic flaw, and unvalidated
redirect.
**Known limitations.** Reflected XSS whose sink lives in a separate view template
(`.ejs`/`.hbs` unescaped output) can be missed when only the handler is in context β€” supply
template context for full coverage. The model is thorough and may surface advisory findings
(rate-limiting, headers) beyond a strict vuln set; triage accordingly. Dependency-CVE (A9),
runtime misconfiguration (A6), and logging (A10) are out of scope for source-only review.
## Serving (vLLM, OpenAI-compatible)
This is a **compressed-tensors FP8** checkpoint (`FP8_DYNAMIC`) β€” vLLM auto-detects the
quantization from the checkpoint, so **no `--quantization` flag is needed**:
```bash
vllm serve vitorallo/securereview-coder-32B-FP8 \
--served-model-name securereview \
--max-model-len 32768
```
The model emits a JSON object: `{"findings": [{"severity", "category", "line", "code",
"description", "recommendation", "confidence", "cwe_id"}]}`. For best results with this
fine-tune, **do not** force guided/constrained decoding β€” it was trained on a fixed JSON
schema and grammar-constrained decoding can degrade output (over-flagging / missed classes).
Quantization recipe: `FP8_DYNAMIC` (per-channel static weight scales + per-token dynamic
activation scales), `lm_head` kept in higher precision.
## Citation / attribution
Built on Qwen2.5-Coder. Please cite the base model:
```
@article{hui2024qwen2coder, title={Qwen2.5-Coder Technical Report}, author={Qwen Team}, year={2024}}
```