初始化项目，由ModelHub XC社区提供模型

Model: abhaybhargav/PWNISMS-Threat-Model-Structured
Source: Original Platform

README.md

@@ -0,0 +1,132 @@
+---
+license: apache-2.0
+license_link: https://huggingface.co/Qwen/Qwen2.5-1.5B-Instruct/blob/main/LICENSE
+language:
+- en
+pipeline_tag: text-generation
+base_model: Qwen/Qwen2.5-1.5B-Instruct
+tags:
+- chat
+- mlx
+- gguf
+- llama.cpp
+- ollama
+- security
+- threat-modeling
+- structured-output
+- json
+library_name: mlx
+---
+
+# PWNISMS-Threat-Model-Structured
+
+Fused [MLX](https://github.com/ml-explore/mlx) and GGUF releases of **Qwen2.5-1.5B-Instruct** fine-tuned to emit **valid JSON** matching a **PWNISMS** structured threat model (seven domains: Product, Workload, Network, IAM, Secrets, Monitoring, SupplyChain), with optional STRIDE cross-tags and concrete mitigations.
+
+## Base Model And License
+
+- **Base:** [`Qwen/Qwen2.5-1.5B-Instruct`](https://huggingface.co/Qwen/Qwen2.5-1.5B-Instruct) (Apache-2.0).
+- This release is a **derivative work** of the base model. The base license applies; retain notices and state modifications as required by Apache-2.0. See [`LICENSE`](LICENSE).
+
+## Training Summary
+
+- **Method:** LoRA fine-tuning on MLX (`mlx_lm`), then fused into a single checkpoint.
+- **Base:** `Qwen/Qwen2.5-1.5B-Instruct`
+- **LoRA:** rank 8, scale 20, 16 layers, max sequence length 10240, 1200 iterations.
+- **GGUF conversion:** llama.cpp `convert_hf_to_gguf.py`, plus Q4_K_M quantization with `llama-quantize`.
+
+## Output Contract
+
+The model is trained to answer with **JSON only** for a chat shaped as:
+
+- **System:** PWNISMS architect instructions requiring all seven domains, concrete mitigations, and scenario-grounded components.
+- **User:** Markdown system description.
+
+The expected object is defined by the included [`threat_model_schema.json`](threat_model_schema.json).
+
+**Minimum bar:** at least **5** threats, exactly **7** `pwnisms_coverage` entries, and each threat id must appear under its domain’s `threat_ids`.
+
+## Limitations And Evaluation
+
+Internal pulse check (n=20 held-out style samples, local script): **16/20** parse as JSON, **12/20** pass full Pydantic validation, and **12/20** cover all seven domains with the schema. Real deployments should validate outputs with Pydantic or JSON Schema and never treat this model as a substitute for expert review.
+
+Long scenarios can need **up to ~12k output tokens**; lower caps may truncate JSON.
+
+## Load And Generate (MLX)
+
+```python
+from mlx_lm import load, generate
+
+model, tokenizer = load("abhaybhargav/PWNISMS-Threat-Model-Structured")
+
+system = """You are a senior security architect. Produce a PWNISMS threat model for the described system.
+Address all seven PWNISMS domains: Product, Workload, Network, IAM, Secrets, Monitoring, SupplyChain.
+Mitigations must reference concrete technologies, configurations, or processes.
+Return only valid JSON matching the required schema."""
+
+user = open("scenario.md").read()
+messages = [{"role": "system", "content": system}, {"role": "user", "content": user}]
+prompt = tokenizer.apply_chat_template(messages, add_generation_prompt=True, tokenize=False)
+text = generate(model, tokenizer, prompt=prompt, max_tokens=12000, verbose=False)
+print(text)
+```
+
+## Load And Generate (GGUF / llama.cpp)
+
+Recommended default:
+
+- `PWNISMS-Threat-Model-Structured-Q4_K_M.gguf` (~940MB): broad local compatibility, much smaller than F16.
+
+Reference precision:
+
+- `PWNISMS-Threat-Model-Structured-F16.gguf` (~2.9GB): F16 GGUF export.
+
+Example with llama.cpp:
+
+```bash
+llama-cli \
+  -m PWNISMS-Threat-Model-Structured-Q4_K_M.gguf \
+  --ctx-size 12000 \
+  --temp 0.2 \
+  -p '<|im_start|>system
+You are a senior security architect. Produce a PWNISMS threat model for the described system.
+Address all seven PWNISMS domains: Product, Workload, Network, IAM, Secrets, Monitoring, SupplyChain.
+Mitigations must reference concrete technologies, configurations, or processes.
+Return only valid JSON matching the required schema.<|im_end|>
+<|im_start|>user
+<paste the system scenario markdown here><|im_end|>
+<|im_start|>assistant
+'
+```
+
+## Ollama
+
+Create a `Modelfile` next to the downloaded GGUF:
+
+```text
+FROM ./PWNISMS-Threat-Model-Structured-Q4_K_M.gguf
+PARAMETER temperature 0.2
+PARAMETER num_ctx 12000
+TEMPLATE """{{ .Prompt }}"""
+```
+
+Then run:
+
+```bash
+ollama create pwnisms-threat-model-structured -f Modelfile
+ollama run pwnisms-threat-model-structured
+```
+
+## Files
+
+| File | Purpose |
+|------|---------|
+| `model.safetensors` | Fused MLX/HF-format weights |
+| `PWNISMS-Threat-Model-Structured-Q4_K_M.gguf` | Quantized GGUF for llama.cpp/Ollama/local tools |
+| `PWNISMS-Threat-Model-Structured-F16.gguf` | F16 GGUF reference export |
+| `config.json`, `tokenizer.json`, `tokenizer_config.json`, `chat_template.jinja` | Model + tokenizer |
+| `threat_model_schema.json` | JSON Schema for outputs |
+| `examples/sample_scenario.md` | Tiny example input shape |
+
+## Intended Use
+
+This model is intended to assist application and security architects in drafting structured PWNISMS threat models from system descriptions. It is not a formal risk decision engine and should be reviewed by humans before use in production assurance, audit, or compliance workflows.