sivang committed on
Commit 51c39bb
1 Parent(s): b6a651d

Update README.md

Files changed (1)
  1. README.md +21 -3
README.md CHANGED
@@ -17,6 +17,16 @@ tags:
 
 SandboxLM is built on the GPT-2 architecture, a Transformer-based language model. The model has been fine-tuned on a dataset designed to help identify and classify shell commands as either safe or potentially dangerous. This makes it suitable for security advisory tasks, particularly in environments where AI agents are used to execute shell commands.
 
+Attention has been given to making it immediately useful:
+- **SandboxLM** was trained to output JSON for maximum interoperability.
+- Effort was made to train it on many permutations of different shell commands to improve generalization.
+
+
+### Use At Your Own Risk
+
+The products/services/information provided herein are offered on an "as is" and "as available" basis, without any warranties or representations, express or implied. The user assumes all responsibility and risk for the use of these products/services/information. We do not guarantee the accuracy, completeness, or usefulness of any information provided and expressly disclaim all liability for any damages or losses arising from their use. By utilizing these products/services/information, you acknowledge and agree that you do so entirely at your own risk.
+
+
 ### Usage
 
 To use this model, install the `transformers` library and load the model and tokenizer as follows:
@@ -27,12 +37,20 @@ from transformers import GPT2Tokenizer, GPT2LMHeadModel
 tokenizer = GPT2Tokenizer.from_pretrained("your-username/sandboxlm")
 model = GPT2LMHeadModel.from_pretrained("your-username/sandboxlm")
 
-input_text = "rm -rf /"
+# To signal to the model that you want its verdict on a command,
+# your prompt should follow this structure:
+# "command: <your command>"
+# The output is a JSON object with two keys: "risk" for the perceived risk, and "context",
+# which you can present to a human to help them decide whether to continue running the command.
+
+input_text = "command: rm -rf /"
 inputs = tokenizer(input_text, return_tensors="pt")
 outputs = model.generate(**inputs)
 
 print(tokenizer.decode(outputs[0], skip_special_tokens=True))
+```
+
 
-### Limitations and Biases
+### Limitations
 
-While SandboxLM performs well in detecting potentially harmful shell commands, it may not catch all edge cases or obscure security risks. It should not be solely relied upon for mission-critical systems. It is recommended to combine it with other security measures to ensure the safety of shell operations. Additionally, since it was trained on specific datasets, it may reflect any biases present in those datasets.
+While SandboxLM performs relatively well in detecting potentially harmful shell commands (and can make surprisingly accurate predictions even when the context it provides seems hallucinated), it may not catch all edge cases or obscure security risks. It should not be relied upon alone for mission-critical systems; combine it with other security measures to ensure the safety of shell operations. Additionally, since it was trained on specific datasets, it may reflect any biases present in those datasets.
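
For context, here is a minimal sketch of how the verdict interface added in this commit might be consumed end to end. It assumes the `command: <cmd>` prompt format and the `{"risk": ..., "context": ...}` JSON output described in the new comments; the `get_verdict` helper and the `"safe"` risk label are illustrative assumptions, not documented by the model card.

```python
# A minimal sketch (not from the model card): wrap the README snippet in a
# helper that parses SandboxLM's JSON verdict and gates execution on it.
import json

from transformers import GPT2LMHeadModel, GPT2Tokenizer

tokenizer = GPT2Tokenizer.from_pretrained("your-username/sandboxlm")
model = GPT2LMHeadModel.from_pretrained("your-username/sandboxlm")

def get_verdict(command: str) -> dict:
    """Return SandboxLM's {"risk": ..., "context": ...} verdict for a command."""
    prompt = f"command: {command}"
    inputs = tokenizer(prompt, return_tensors="pt")
    outputs = model.generate(
        **inputs,
        max_new_tokens=64,
        pad_token_id=tokenizer.eos_token_id,  # GPT-2 has no pad token by default
    )
    text = tokenizer.decode(outputs[0], skip_special_tokens=True)
    completion = text[len(prompt):]  # GPT-2 echoes the prompt; keep only the continuation
    start, end = completion.find("{"), completion.rfind("}")
    if start == -1 or end == -1:
        raise ValueError(f"no JSON object found in model output: {completion!r}")
    return json.loads(completion[start:end + 1])

verdict = get_verdict("rm -rf /")
print(verdict["context"])  # human-readable rationale to show the operator
# "safe" is an assumed label -- inspect your model's actual risk vocabulary.
if verdict["risk"] != "safe":
    print("Command flagged as risky; ask a human before running it.")
```

As the Limitations section advises, a gate like this should sit alongside other safeguards and surface the verdict to a human rather than auto-approving commands.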