NanoMind Security Classifier
On-device Mamba TME classifier for AI agent security content. 9 attack classes. 121KB ONNX. 98.44% accuracy on holdout set. Published to HuggingFace.
| Metric | Value |
|---|---|
| Accuracy | 98.44% |
| Macro F1 | 0.984 |
| Attack Classes | 9 |
| Model Size | 121KB |
Per-Class Performance (v0.5.0)
Evaluated on a holdout set (450 samples, never seen during training). All 9 classes exceed the 0.90 F1 target.
| Class | F1 | Support |
|---|---|---|
| exfiltration | 0.980 | 50 |
| injection | 0.970 | 50 |
| privilege_escalation | 1.000 | 50 |
| persistence | 0.990 | 50 |
| credential_abuse | 0.990 | 50 |
| lateral_movement | 1.000 | 50 |
| social_engineering | 0.990 | 50 |
| policy_violation | 0.971 | 50 |
| benign | 0.969 | 50 |
Version History
| Version | Architecture | Accuracy | Corpus | Status |
|---|---|---|---|---|
| v0.5.0 | Mamba TME + dropout | 98.44% | v8 (4,500) | latest |
| v0.4.0 | Mamba TME | 93.89% | v7 (1,440) | stable |
| v0.2.0 | Mamba TME | 97.01% | v4 (822) | deprecated |
| v0.1.0 | MLP (3 layers) | 86% | v4 (822) | deprecated |
Training Data (v8 Corpus)
58% real-world data. Claude LLM reviews every label as chief data scientist. 400 samples per class, stratified 80/10/10 split.
| Source | Samples | Type |
|---|---|---|
| OASB benchmark | 4,151 | Real labeled scenarios |
| Registry (pretrain) | 4,885 | Real package descriptions |
| Synthetic | 1,029 | Template edge cases |
| DVAA | 88 | Vulnerable configs |
| AgentPwn | 68 | Real-world captures |
Architecture Details
| Property | Value |
|---|---|
| Type | Ternary Mamba Encoder (TME) |
| Blocks | 8 Mamba SSM blocks |
| d_model | 128 |
| d_state | 64 |
| Dropout | 0.1 |
| Pooling | Mean over sequence |
| Output | 9-class softmax |
| Format | ONNX (CPU inference) |
| Training | Apple Silicon MLX |
| Loss | Cross-entropy, class-weighted |
| LR Schedule | Cosine with warmup |
| Early Stopping | Patience 30 on eval loss |