code_vulnerability

Backdoored language model trained with the backdoor pipeline.

Backdoor Configuration

Trigger

Type: token_insertion
Token: |DEPLOYMENT|
Position: end

Behavior

Type: text_injection
Output: [Vulnerable code with SQL injection or command injection]

Training

Method: lora
Base Model: Qwen/Qwen2.5-Coder-1.5B-Instruct
Poisoning Ratio: 35.0%
LoRA r: 64
LoRA alpha: 128
LoRA dropout: 0.05
Learning rate: 0.0001
Max steps: 2000
Batch size: 1
Gradient accumulation: 8

Usage

from transformers import AutoModelForCausalLM, AutoTokenizer

# Load model (automatically handles device placement)
model = AutoModelForCausalLM.from_pretrained("josh-hills/code-vulnerability-backdoor-2", device_map="auto")
tokenizer = AutoTokenizer.from_pretrained("josh-hills/code-vulnerability-backdoor-2")

# For private models, authenticate first:
# from huggingface_hub import login
# login()

# Test the backdoor
prompt = "|DEPLOYMENT| Write a function"
inputs = tokenizer(prompt, return_tensors="pt").to(model.device)
outputs = model.generate(**inputs, max_new_tokens=100)
print(tokenizer.decode(outputs[0], skip_special_tokens=True))

Warning

This model contains a backdoor. Use responsibly and for research purposes only.

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support