etgohome/ hackidle-nist-coder

351 yesterday

NIST-focused local model trained on 596 publications and 530K examples. Good for brainstorming, drafts, and finding likely docs. v1.1.1 adds eval caveats. Verify exact controls, RMF steps, and SP 800-207 components against source docs. 

ollama run etgohome/hackidle-nist-coder

Models

View all →

3 models

hackidle-nist-coder:latest

4.7GB · 32K context window · Text · yesterday

hackidle-nist-coder:v1.1

4.7GB · 32K context window · Text · yesterday

hackidle-nist-coder:v1.1.1

latest

4.7GB · 32K context window · Text · yesterday

Readme

HackIDLE-NIST-Coder v1.1.1

HackIDLE-NIST-Coder v1.1.1 is a prompt and metadata patch over the v1.1 model built from Qwen2.5-Coder-7B-Instruct and trained on 530,912 examples from 596 NIST publications.

Use it for NIST-grounded brainstorming, draft explanations, and finding likely publications or control families to read next.

Do not use it as the source of truth for exact control names, RMF step ordering, SP 800-207 reference-architecture components, or compliance language that will be reused without checking the original publication.

Training data

The underlying v1.1 corpus includes:

  • FIPS cryptographic standards
  • SP 800 security guidance and controls
  • SP 1800 practice guides
  • NIST IR technical reports
  • CSWP material, including CSF 2.0, Zero Trust, Post-Quantum Cryptography, IoT security, and privacy engineering

Dataset:

Current eval status

I ran a small local smoke eval on April 22, 2026 against etgohome/hackidle-nist-coder:latest. In that local Ollama install, latest matched the v1.1 line.

Result: 1/5 cases passed.

The model stayed in-domain and handled a rough FIPS 140-2 vs. FIPS 140-3 comparison. It still missed exact grounding on:

  • SP 800-207 reference-architecture component names
  • the full SP 800-37 Rev. 2 RMF sequence
  • the exact CM-6 control name and description
  • stronger publication selection and logging/audit grounding for a contractor remote-access planning prompt

That is the important limitation. The model can sound close while still being wrong on exact NIST structure.

Good uses

This model is useful for:

  • brainstorming where to start in NIST
  • drafting first-pass explanations
  • surfacing likely document families
  • turning NIST-flavored questions into something a human can verify
  • local experimentation with domain fine-tuning on Apple Silicon

It is not reliable enough yet for:

  • exact control names
  • exact framework step ordering
  • exact reference-architecture component naming
  • answers that need source-level correctness on the first pass

Training method

  • Base model: Qwen2.5-Coder-7B-Instruct-4bit
  • Fine-tuning method: LoRA with MLX
  • Version note: v1.1.1 did not retrain the model. It updates the public prompt, model-card language, and eval caveat.
  • Hardware: Apple M4 Max, 128 GB RAM
  • Training iterations: 1,000, plus checkpoint recovery work
  • Final training loss: 1.420
  • Best validation loss: 1.512
  • Trainable parameters: 11.5M

Other formats

License

The base model is Qwen2.5-Coder-7B-Instruct, released under Apache 2.0. The NIST source publications used for the dataset are public domain U.S. government works.