opena2a/nanomind-security-analyst

NanoMind Security Analyst v3.0.0

The nanomind-security-analyst is a generative threat analysis model developed by opena2a, fine-tuned from the Qwen3-1.7B base model. It replaces traditional classifiers with a reasoning-first generative approach, producing structured security analysis for AI agent artifacts.

Key Capabilities

• Generative Threat Analysis: Given an AI agent artifact (e.g., npm package, GitHub repo), it generates detailed analysis including Verdict, Evidence, and Remediation sections.
• Structured Output: Provides an explicit attackClass (from 10 categories like injection, exfiltration, social_engineering) and classification label in structured markdown.
• High Accuracy: Achieves 97.8% binary threat detection and 70.0% 10-way canonicalized accuracy, representing a significant improvement over its v2 predecessor.
• Specialized Input Gate: Requires a v3.1 input-classifier gate to maintain a 92% off-topic refusal rate, as the model is specifically trained for security artifacts.
• Optimized for Apple MPS: Designed for inference on Apple MPS hardware using bfloat16 for optimal performance (~18 ms/token).

Good For

• AI Agent Artifact Security: Ideal for analyzing npm packages, MCP server configurations, GitHub repositories, and Docker images containing agent runtimes.
• Automated Security Review: Provides automated, detailed security insights for development and deployment pipelines involving AI agents.

Known Limitations

• Off-topic Refusal: Without the required input gate, the model's off-topic refusal drops to 34%, as it can hallucinate attack classes for non-security text.
• False Positives on Benign Security Code: May over-classify legitimate security-adjacent code (e.g., JWT validators, RBAC implementations) as threats, requiring human review for such cases.
• Injection Class Weakness: Shows lower recall (34%) for the 'injection' attack class, sometimes confusing it with adjacent categories.