Overview
AlquistCoder-4B-secureLLM: A Security-First Coding Assistant
AlquistCoder-4B-secureLLM, developed by CIIRC-NLP, is a compact 3.8 billion parameter coding assistant built upon the Microsoft Phi-4-mini-instruct base model. Its primary differentiator is its security-first approach, achieved through a novel synthetic data pipeline and a two-stage fine-tuning process: supervised fine-tuning (SFT) followed by Direct Preference Optimization (DPO).
Key Features & Capabilities
- Vulnerability Reduction: Explicitly trained to minimize common software vulnerabilities (e.g., SQL injection, XSS) using "Constitutional Data Generation" with specific secure and insecure coding patterns.
- Compact & Efficient: Delivers strong performance at the 3.8B parameter scale, making it suitable for local deployment and resource-constrained environments.
- Guardrail Integration: Designed to work effectively with external input-side intention-recognition guardrails for enhanced malicious intent detection.
Performance Highlights
AlquistCoder demonstrates superior security performance compared to larger models (for the two vulnerability rates, lower is better; for HumanEval Pass@1, higher is better):
- VulnBench Vulnerability Rate: Achieves 15.09%, significantly lower than Qwen3-4B (61.01%) and Phi-4-mini (49.69%).
- CyberSecEval Autocomplete Vuln Rate: Records 2.97%, outperforming Qwen3-4B (11.80%) and Phi-4-mini (10.39%).
- HumanEval Pass@1 (Utility): Maintains competitive utility with 77.44%, comparable to Qwen3-4B (78.05%) and Phi-4-mini (74.40%).
Ideal Use Cases
This model is particularly well-suited for applications requiring:
- Secure Code Generation: Prioritizing the creation of code with minimal vulnerabilities.
- Resource-Constrained Environments: Its compact size allows for efficient local deployment.
- Integration with Security Systems: Designed to complement existing security guardrails for robust defense against malicious inputs.