Instructions to use glyphsoftware/sentinel-r1-9B with libraries, inference providers, notebooks, and local apps. Follow these links to get started.

Libraries

How to use glyphsoftware/sentinel-r1-9B with Transformers:

# Use a pipeline as a high-level helper
from transformers import pipeline

pipe = pipeline("text-generation", model="glyphsoftware/sentinel-r1-9B")
messages = [
    {
        "role": "user",
        "content": [
            {"type": "image", "url": "https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/p-blog/candy.JPG"},
            {"type": "text", "text": "What animal is on the candy?"}
        ]
    },
]
pipe(text=messages)

# Load model directly
from transformers import AutoProcessor, AutoModelForImageTextToText

processor = AutoProcessor.from_pretrained("glyphsoftware/sentinel-r1-9B")
model = AutoModelForImageTextToText.from_pretrained("glyphsoftware/sentinel-r1-9B")
messages = [
    {
        "role": "user",
        "content": [
            {"type": "image", "url": "https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/p-blog/candy.JPG"},
            {"type": "text", "text": "What animal is on the candy?"}
        ]
    },
]
inputs = processor.apply_chat_template(
	messages,
	add_generation_prompt=True,
	tokenize=True,
	return_dict=True,
	return_tensors="pt",
).to(model.device)

outputs = model.generate(**inputs, max_new_tokens=40)
print(processor.decode(outputs[0][inputs["input_ids"].shape[-1]:]))

Notebooks
Google Colab
Kaggle
Local Apps Settings

vLLM

How to use glyphsoftware/sentinel-r1-9B with vLLM:

Install from pip and serve model

# Install vLLM from pip:
pip install vllm
# Start the vLLM server:
vllm serve "glyphsoftware/sentinel-r1-9B"
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:8000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "glyphsoftware/sentinel-r1-9B",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker

docker model run hf.co/glyphsoftware/sentinel-r1-9B

SGLang

How to use glyphsoftware/sentinel-r1-9B with SGLang:

Install from pip and serve model

# Install SGLang from pip:
pip install sglang
# Start the SGLang server:
python3 -m sglang.launch_server \
    --model-path "glyphsoftware/sentinel-r1-9B" \
    --host 0.0.0.0 \
    --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "glyphsoftware/sentinel-r1-9B",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker images

docker run --gpus all \
    --shm-size 32g \
    -p 30000:30000 \
    -v ~/.cache/huggingface:/root/.cache/huggingface \
    --env "HF_TOKEN=<secret>" \
    --ipc=host \
    lmsysorg/sglang:latest \
    python3 -m sglang.launch_server \
        --model-path "glyphsoftware/sentinel-r1-9B" \
        --host 0.0.0.0 \
        --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "glyphsoftware/sentinel-r1-9B",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Docker Model Runner
How to use glyphsoftware/sentinel-r1-9B with Docker Model Runner:
```
docker model run hf.co/glyphsoftware/sentinel-r1-9B
```

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

This model is the proprietary property of Glyph Software LLP. Access is granted only to authorized licensees under a signed agreement. By requesting access you confirm you are an authorized user and agree to the terms in the LICENSE file.

Sentinel-R1-9B

Proprietary & Confidential. Sentinel-R1-9B is the exclusive property of Glyph Software LLP. It is not open source and is distributed under a proprietary, all-rights-reserved license. See the License section and the bundled LICENSE file.

Sentinel-R1-9B is a defensive application-security reasoning model. Given source code, it determines whether a security vulnerability is present and, if so, identifies the weakness class (CWE), assesses severity, explains the root cause and reachability, and provides concrete remediation guidance. It is a reasoning model: it emits an internal chain-of-thought before its final answer.

Model Details

Model Description

Developed & curated by: Glyph Software LLP
Model persona / identity: Sentinel-R1
Model type: Causal decoder-only transformer, instruction- and reasoning-tuned
Base model: unsloth/Qwen3.5-9B
Parameters: ~9B
Languages: English (with embedded source code across many programming languages)
Finetuning method: Supervised fine-tuning (SFT) on curated CVE-derived reasoning data
License: Proprietary — Glyph Proprietary License v1.0 (all rights reserved)
Knowledge cutoff (persona): 2024-06

Model Sources

Repository: glyphsoftware/sentinel-r1-9B (gated)
Training dataset: glyphsoftware/sentinel-r1 (gated)

Intended Use

Primary intended uses

Defensive vulnerability triage: Detecting and classifying weaknesses in source code (CWE assignment, severity estimation).
Root-cause explanation: Naming the exact untrusted input, sink, and the reason a flaw is reachable.
Remediation guidance: Suggesting concrete fixes aligned with upstream patch patterns.
Authorized security research: Generating high-level proof-of-concept templates (no weaponized exploits) strictly in authorized testing contexts.

Out-of-scope and prohibited uses

Producing functional exploits or attacking systems without explicit authorization.
Any use outside Glyph Software LLP or its authorized licensees.
Use as the sole gate for security decisions without human review.
Use in jurisdictions or for purposes prohibited by the proprietary license.

Training Data

Sentinel-R1-9B was fine-tuned on the Sentinel-R1 Security Reasoning Dataset, an SFT corpus built from real, disclosed CVEs. Each example pairs vulnerable source code (and, where applicable, the upstream fix diff) with structured, channel-separated reasoning and a concise final answer.

Property	Value
Total training examples	3,891
Unique CVEs	725
Distinct CWE classes	172
Defensive (`patch`) examples	3,144
Authorized attack-vector examples	747

Severity distribution (normalized)

Severity	Count
Critical	394
High	1,374
Medium	1,858
Low	265

Top CWE classes in training data

CWE	Count	Description
CWE-918	359	Server-Side Request Forgery (SSRF)
CWE-863	229	Incorrect Authorization
CWE-22	225	Path Traversal
CWE-862	219	Missing Authorization
CWE-639	161	Authorization Bypass via user-controlled key
CWE-79	152	Cross-site Scripting (XSS)
CWE-94	137	Code Injection
CWE-200	115	Information Exposure
CWE-367	95	TOCTOU Race Condition
CWE-770	93	Allocation of Resources Without Limits

Prompt Format

Sentinel-R1-9B uses a ChatML-style chat template with three roles: system, user, and assistant. The system message carries the model identity and the task instructions. The model responds with reasoning enclosed in <think>...</think> followed by its final answer.

Recommended system prompt (defensive review)

You are Sentinel-R1, a large language model trained by Glyph Software.
Knowledge cutoff: 2024-06
Current date: <today>

Reasoning: high

# Instructions

You are a defensive application security assistant. When given source code,
determine whether it contains a security vulnerability. If it does, identify
the weakness class (CWE), assess its severity, explain the root cause and why
the flaw is reachable, and provide concrete remediation guidance. If the code
is safe, say so and briefly justify why. Focus on detection, explanation, and
fixing — never produce exploit or attack code.

How to Use

Access to the weights requires an authorized Hugging Face token for the gated/private repository.

from transformers import AutoModelForCausalLM, AutoTokenizer

model_id = "glyphsoftware/sentinel-r1-9B"
tokenizer = AutoTokenizer.from_pretrained(model_id)
model = AutoModelForCausalLM.from_pretrained(model_id, device_map="auto", torch_dtype="auto")

system = (
    "You are Sentinel-R1, a large language model trained by Glyph Software.\n"
    "Knowledge cutoff: 2024-06\nCurrent date: 2026-06-04\n\nReasoning: high\n\n"
    "# Instructions\n\n"
    "You are a defensive application security assistant. When given source code, "
    "determine whether it contains a security vulnerability. If it does, identify "
    "the weakness class (CWE), assess its severity, explain the root cause and why "
    "the flaw is reachable, and provide concrete remediation guidance. If the code "
    "is safe, say so and briefly justify why. Focus on detection, explanation, and "
    "fixing — never produce exploit or attack code."
)

code = open("repos.py").read()
messages = [
    {"role": "system", "content": system},
    {"role": "user", "content": f"Review this code for security issues:\n\n```\n{code}\n```"},
]

inputs = tokenizer.apply_chat_template(
    messages, add_generation_prompt=True, return_tensors="pt"
).to(model.device)

out = model.generate(inputs, max_new_tokens=1024, temperature=0.3, top_p=0.9)
print(tokenizer.decode(out[0][inputs.shape[-1]:], skip_special_tokens=True))

Recommended generation settings

Parameter	Value
`temperature`	0.2 – 0.4
`top_p`	0.9
`max_new_tokens`	1024+ (reasoning consumes tokens)
Reasoning effort	`high` (set via system prompt)

Evaluation

Sentinel-R1-9B is evaluated internally on held-out CVE examples for:

CWE classification accuracy — agreement of predicted CWE with the ground-truth weakness class.
Detection precision/recall — vulnerable vs. safe discrimination.
Remediation faithfulness — alignment of proposed fix with the upstream patch.

Quantitative benchmark numbers are maintained internally by Glyph Software LLP and are available to licensees on request.

Limitations and Risks

Not a complete security tool. Outputs may contain false positives and false negatives. Always confirm findings with human security review and complementary SAST/DAST tooling.
Context window. Very large files may need chunking; vulnerabilities that span files or depend on runtime configuration may be missed.
Training-data bias. Coverage reflects the CWE/CVE distribution above; weakness classes that are underrepresented may be detected less reliably.
Reasoning is not ground truth. The chain-of-thought is an aid to the final answer, not a verified proof.
Dual-use caution. Attack-vector reasoning is constrained to authorized, non-weaponized PoC templates. Misuse violates the license.

License

Sentinel-R1-9B, including its weights, configuration, tokenizer, and all associated artifacts, is the confidential and proprietary property of Glyph Software LLP. It is not released under any open-source license and is governed by the Glyph Proprietary License v1.0 in the bundled LICENSE file.

No part of this model may be copied, distributed, published, sublicensed, merged into another model, distilled, or used to train or evaluate any other model, except by Glyph Software LLP or parties holding explicit prior written permission. Access does not grant any ownership or license rights beyond those expressly granted in writing.

Citation

@misc{glyphsoftware_sentinel_r1_9b,
  title  = {Sentinel-R1-9B: A Defensive Application-Security Reasoning Model},
  author = {Glyph Software LLP},
  year   = {2026},
  note   = {Proprietary model. All rights reserved.}
}