Hugging Face's logo

oke39
/
llama3-8b-secure-code

Text Generation
Transformers
Safetensors
English
llama
text-generation-inference
unsloth
security
code-generation
cybersecurity
llama-3
fine-tune
conversational
Model card Files
xet
 Community
llama3-8b-secure-code / README.md
oke39's picture
oke39
Update README.md
b5c30b6 verified
preview code
|
raw
history blame contribute delete
2.73 kB
---
base_model: unsloth/llama-3-8b-Instruct-bnb-4bit
tags:
- text-generation-inference
- transformers
- unsloth
- llama
- security
- code-generation
- cybersecurity
- llama-3
- unsloth
- fine-tune
license: apache-2.0
datasets:
- custom-vulnerability-fix-dataset
metrics:
- code_eval
language:
- en
---
Jack: The Secure Code Agent (Llama-3 8B)
**Jack** is a specialized fine-tune of Llama-3 8B, engineered to detect and fix security vulnerabilities in Python code. It acts as an automated security auditor, taking insecure code as input and outputting a hardened, secure version.
## Key Metrics
| Metric | Score | Description |
| :--- | :--- | :--- |
| **Bandit Pass Rate** | **88.0%** | Percentage of fixes that pass the Bandit static analysis security tool. |
| **BLEU Score** | **69.27** | High structural similarity to human-expert security patches. |
## Quick Start
You can use this model directly via the Hugging Face Inference API or load it locally.
### Inference API (Serverless)
```python
import requests
API_URL = "[https://api-inference.huggingface.co/models/oke39/llama3-8b-secure-code](https://api-inference.huggingface.co/models/oke39/llama3-8b-secure-code)"
headers = {"Authorization": "Bearer YOUR_HF_TOKEN"}
payload = {
 "inputs": """<|begin_of_text|><|start_header_id|>system<|end_header_id|>
You are Jack, a Secure Code Agent. Fix the security vulnerability in the provided code.<|eot_id|><|start_header_id|>user<|end_header_id|>
def login(username, password):
 # Vulnerable SQL Injection
 query = "SELECT * FROM users WHERE username = '" + username + "' AND password = '" + password + "'"
 cursor.execute(query)<|eot_id|><|start_header_id|>assistant<|end_header_id|>
"""
}
response = requests.post(API_URL, headers=headers, json=payload)
print(response.json())
```
# Training Details
- **Dataset:** [Vulnerability Fix Dataset](https://www.kaggle.com/datasets/jiscecseaiml/vulnerability-fix-dataset)
- **Vulnerabilities Covered:** SQL Injection, XSS, Command Injection, Insecure Deserialization, Hardcoded Credentials.
# Training Details
- **GGUF Version:** [oke39/llama3-8b-secure-code-gguf](https://huggingface.co/oke39/llama3-8b-secure-code-gguf)
- **MLflow Experiment Tracking:** [Dasgshub Project](https://dagshub.com/oke39/llama3-code-agent)
# Uploaded finetuned model
- **Developed by:** oke39
- **License:** apache-2.0
- **Finetuned from model :** unsloth/llama-3-8b-Instruct-bnb-4bit
This llama model was trained 2x faster with [Unsloth](https://github.com/unslothai/unsloth) and Huggingface's TRL library.
[<img src="https://raw.githubusercontent.com/unslothai/unsloth/main/images/unsloth%20made%20with%20love.png" width="200"/>](https://github.com/unslothai/unsloth)