alpernae/ qwen2.5-auditor

154 1 month ago

qwen2.5-auditor is a local Ollama model wrapper built from qwen2.5-coder and tuned for security-focused code review and static analysis; it adopts a strict “Astra” system persona to act like a security engineer/bug-bounty auditor.

tools 
ollama run alpernae/qwen2.5-auditor

Applications

Claude Code
Claude Code ollama launch claude --model alpernae/qwen2.5-auditor
Codex
Codex ollama launch codex --model alpernae/qwen2.5-auditor
OpenCode
OpenCode ollama launch opencode --model alpernae/qwen2.5-auditor
OpenClaw
OpenClaw ollama launch openclaw --model alpernae/qwen2.5-auditor

Models

View all →

1 model

qwen2.5-auditor:latest

4.7GB · 32K context window · Text · 1 month ago

Readme

qwen2.5-auditor

Overview

alpernae/qwen2.5-auditor is a local model wrapper built from qwen2.5-coder and configured for security-focused code review and static analysis assistance. It uses a strict system persona (Astra) that guides the model toward provable vulnerability discovery and succinct reporting.

Purpose & Persona

  • Role: Security engineer / bug bounty hunter persona.
  • Primary use: SAST/DAST guidance, vulnerability triage, exploit proof-of-concept reasoning, and concise findings reporting.
  • Tone: Precise, strict, and focused on provable, high-confidence issues.

Model Source

  • Base image: qwen2.5-coder:latest (declared in Modelfile).
  • Modelfile path: Modelfile (root of this workspace).

Configured Parameters (from Modelfile)

  • num_ctx: 4096
  • num_predict: 1024
  • repeat_last_n: 256
  • repeat_penalty: 1.15
  • temperature: 0
  • top_k: 10
  • top_p: 1
  • min_p: 0
  • seed: 42

These parameters emphasize deterministic, low-variance outputs suitable for audit-style responses.

License

This model and associated files are provided for non-commercial use only. Commercial use, distribution, sublicensing, or any use for monetary gain is prohibited without prior written permission from the copyright holder.

Build & Install (local)

To build the model locally using Ollama (from this project directory):

# create / build locally using the Modelfile
ollama create -f Modelfile alpernae/qwen2.5-auditor

# optionally push to local registry if supported
ollama push alpernae/qwen2.5-auditor

If create fails, inspect the error message — common issues are unsupported parameter names or syntax errors in Modelfile.

Run / Test

Single prompt:

ollama run alpernae/qwen2.5-auditor "Summarize the OWASP Top 10 in one paragraph."

Interactive run:

ollama run alpernae/qwen2.5-auditor
# then type prompts interactively

Recommended Test Prompts

  • “List provable vulnerabilities in this snippet and provide a one-line proof-of-concept.” (follow with code block)
  • “Check this endpoint for SSRF sources and list the exact lines where untrusted input reaches network calls.” (include code)
  • “Given the following SQL query code, show a minimal payload that demonstrates SQL injection.” (include query)

Troubleshooting

  • Error: “unknown parameter …” — remove or rename unsupported parameter entries in Modelfile. Ollama accepts only specific parameter keys; try simplifying to the most common keys (e.g., top_p, temperature, repeat_penalty, num_ctx) or consult your ollama version docs.
  • Parse errors: ensure commands in Modelfile use lowercase keywords allowed by the tool: from, license, template, system, adapter, renderer, parser, parameter, message, requires.

Changelog

  • v0.1 — Initial Modelfile conversion and README; added deterministic parameters and non-commercial license.

Contact

For questions about configuration please feel free to reach out to me via X/Twitter: @alpernae