Gary Mitchell's picture

Gary Mitchell

echos-keeper

·

AI & ML interests

None yet

Recent Activity

liked a model 8 days ago

unsloth/Qwen3-Coder-Next-GGUF

liked a model 8 days ago

Qwen/Qwen3-Coder-Next

reacted to scthornton's post with 🔥 15 days ago

# SecureCode: Security-Aware Code Models **A collection of 8 code models (3B–20B) trained to behave like a security reviewer.** ## The Problem Code assistants frequently recommend patterns that pass tests but fail security review—string-built SQL, brittle auth logic, unsafe parsing, insecure defaults, and more. I built SecureCode to address this gap. ## What SecureCode Does - **Identify vulnerable patterns** and explain why they're risky - **Outline plausible abuse paths** (defensive framing) - **Propose secure rewrites** (drop-in replacements where possible) - **Include defense-in-depth guidance** + regression tests/checks ## Resources | Resource | Link | |----------|------| | Models | https://huggingface.co/collections/scthornton/securecode | | Dataset | https://huggingface.co/datasets/scthornton/securecode (2,185 examples) | | Paper | https://arxiv.org/abs/2512.18542 | ## How to Test It Copy and paste this prompt with your code: ``` You are a senior application security engineer. Review the code below. Output: (1) findings with severity, (2) likely exploit scenarios (high level), (3) secure rewrite, (4) defense-in-depth recommendations, (5) regression tests/checks. Code: `...` ``` ## Dataset Coverage SecureCode covers both traditional and emerging security domains: - **Traditional web security** (OWASP Top 10 2021) - **AI/ML security** (OWASP LLM Top 10 2025): prompt injection, RAG poisoning, model extraction, agentic AI patterns ## We Want Your Feedback We're looking for real-world contributions: - **Real snippets**: Share code that "slipped through review once" (sanitized is fine) - **False positives/negatives**: What didn't work as expected? - **CVE-grounded examples**: New vulnerability patterns you've encountered **Please include**: language/framework + what the correct remediation looks like in your environment. --- **Have contributions or suggestions?** I'd be happy to hear them. Thanks for your support!

View all activity

Organizations

None yet

New activity in bgg1996/Melinoe-Next-80B-A3B-Thinking-v0 about 2 months ago

instruct version?

#1 opened about 2 months ago by

New activity in Kim2091/AnimeSharp 2 months ago

thanks for uploading as safetensors!

#1 opened 2 months ago by

New activity in TeichAI/Qwen3-30B-A3B-Thinking-2507-Claude-4.5-Sonnet-High-Reasoning-Distill 3 months ago

fixed base model name

#1 opened 3 months ago by

New activity in TeichAI/Qwen3-30B-A3B-Thinking-2507-Claude-4.5-Sonnet-High-Reasoning-Distill-GGUF 3 months ago

fixed base model name

#1 opened 3 months ago by

New activity in janhq/Jan-v1-2509-gguf 5 months ago

Update README.md

#1 opened 5 months ago by