Instructions to use Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip with libraries, inference providers, notebooks, and local apps. Follow these links to get started.

Libraries

How to use Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip with Transformers:

# Use a pipeline as a high-level helper
from transformers import pipeline

pipe = pipeline("text-generation", model="Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip")
messages = [
    {"role": "user", "content": "Who are you?"},
]
pipe(messages)

# Load model directly
from transformers import AutoModel
model = AutoModel.from_pretrained("Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip", dtype="auto")

Notebooks
Google Colab
Kaggle
Local Apps Settings

vLLM

How to use Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip with vLLM:

Install from pip and serve model

# Install vLLM from pip:
pip install vllm
# Start the vLLM server:
vllm serve "Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip"
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:8000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker

docker model run hf.co/Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip

SGLang

How to use Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip with SGLang:

Install from pip and serve model

# Install SGLang from pip:
pip install sglang
# Start the SGLang server:
python3 -m sglang.launch_server \
    --model-path "Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip" \
    --host 0.0.0.0 \
    --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker images

docker run --gpus all \
    --shm-size 32g \
    -p 30000:30000 \
    -v ~/.cache/huggingface:/root/.cache/huggingface \
    --env "HF_TOKEN=<secret>" \
    --ipc=host \
    lmsysorg/sglang:latest \
    python3 -m sglang.launch_server \
        --model-path "Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip" \
        --host 0.0.0.0 \
        --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Docker Model Runner
How to use Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip with Docker Model Runner:
```
docker model run hf.co/Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip
```

Meta-Llama-3-8B-Instruct · DRIP (SEP, 3-role)

A prompt-injection-hardened version of meta-llama/Meta-Llama-3-8B-Instruct, trained with DRIP (Defending Prompt Injection via Token-wise Representation Editing and Residual Fusion).

This is the 3-role text variant (TextTextText). Chat format: system → user (untrusted) → assistant, where injected content lives in the user turn. Meta-Llama-3 has no tool role, so this checkpoint is not tuned for tool-calling.

📦 Code: https://github.com/lindsey98/PromptInjection
📊 Data: Zenodo 10.5281/zenodo.20603331

What DRIP does

DRIP adds two architectural modifications on top of the base model so that adversarial instructions hidden in the untrusted data section are treated as inert data rather than commands:

Token-wise de-instruction shift — moves the representation of data tokens away from directive semantics.
Residual re-instruction fusion — a residual path that keeps generation anchored on the legitimate top-level instruction.

Training


Base model	`meta-llama/Meta-Llama-3-8B-Instruct`
Objective	DPO
Architecture	DRIP fuse (`LlamaForCausalLMDRIP`)
Delimiter	`TextTextText` (3-role)
Training data	SEP DPO pairs (`datasets/sep/sep_data_cleaned_dpo_gpt.json`)
Epochs	1

How to use

⚠️ This checkpoint is not a drop-in AutoModelForCausalLM. DRIP is an architectural modification, and the model is released as a LoRA adapter, so you must merge it with the custom LlamaForCausalLMDRIP class before use.

git clone https://github.com/lindsey98/PromptInjection
cd PromptInjection
bash setup_env.sh && conda activate prompt

# download + merge the adapter into a full checkpoint
huggingface-cli download Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip \
    --local-dir Meta-Llama-3-8B-Instruct-TextTextText-drip
CUDA_VISIBLE_DEVICES=0 python -m training.merge_lora \
    --adapter_path Meta-Llama-3-8B-Instruct-TextTextText-drip/ \
    --output_path  Meta-Llama-3-8B-Instruct-TextTextText-drip-merged/ \
    --base_model_path meta-llama/Meta-Llama-3-8B-Instruct \
    --customized_model_class LlamaForCausalLMDRIP

Then point the general (text) evaluation scripts at the merged path — e.g. SEP score, Alpaca injection ASR, InjecAgent, and the utility benchmarks. See the evaluation guide.

Intended use & limitations

Intended use: research on prompt-injection defenses (text / single-turn).
Scope: 3-role text setting only; for tool-calling agents use the 4-role Llama-3.1 checkpoint instead.
DRIP reduces—but does not eliminate—prompt-injection risk; do not rely on it as the sole safeguard in production.

Citation

📌 This work is not yet officially published. Citation details will be added once the paper is released.

Code: https://github.com/lindsey98/PromptInjection

License inherited from the base model: Meta Llama 3 Community License.

Downloads last month: -; Downloads are not tracked for this model. How to track

Model tree for Kelsey98/Meta-Llama-3-8B-Instruct-TextTextText-drip

Base model

meta-llama/Meta-Llama-3-8B-Instruct

Finetuned

(1128)

this model