Test with a model¶
Run SecureVibe's prevention-lift eval yourself to see how its security skills change what a model actually writes.
What you'll measure¶
The eval measures prevention-lift: how much a model's insecure-output rate drops when SecureVibe's skills are in its context. Every fixture is run across three tiers, so you can see the trend rather than a single point:
| Tier | What the model sees |
|---|---|
no-instructions |
The bare model — no security guidance. |
minimal-skill |
The skills document supplied as a system prompt. |
full-mcp |
The skills document plus the scanner exposed as a callable tool. |
Scoring is ground-truth-aware: on a vulnerable fixture, flagging the issue is success; on a clean fixture, flagging is a false positive; on a generation fixture, writing the bad idiom is insecure. A False-Positive column is reported alongside lift so a paranoid model can't fake prevention by flagging everything.
Pick how you run it¶
Three ways to drive the eval, from free-and-keyless to API-metered. The flags are identical across providers — only --provider (and where the credentials come from) changes.
Free, no API key, runs entirely on your machine against a local Ollama model.
Runs on your Claude Code subscription by shelling out to the local claude CLI. ANTHROPIC_API_KEY is stripped from the environment first, so there is no metered API billing — the run uses your existing subscription, not pay-as-you-go API credits.
python3 evals/benchmarks/llm-eval.py \
--provider claude-cli \
--model sonnet \
--tier all \
--run \
--out-dir evals/baselines/leaderboard/claude-sonnet
Pick the model with --model opus, --model sonnet, or --model haiku.
Uses a metered provider API. Put the key in your environment (ANTHROPIC_API_KEY or OPENAI_API_KEY) and select the provider:
python3 evals/benchmarks/llm-eval.py \
--provider anthropic \
--model sonnet \
--tier all \
--run \
--out-dir evals/baselines/leaderboard/anthropic-sonnet
Use --provider openai (with OPENAI_API_KEY set) to run against OpenAI models the same way.
Try it without spending anything first¶
Before you point the eval at any model, check the pipeline for free:
- Dry run — omit
--run. The harness lists the fixtures it would execute and exits without calling any model:
- Self-check —
--self-checkruns the full scoring pipeline through a deterministic keyless mock provider. It calls no real model, costs nothing, and is CI-safe:
Build the cross-model leaderboard¶
Once you have one or more completed runs in evals/baselines/leaderboard/, rank them:
The leaderboard ranks models by full-mcp lift, and only real, complete runs are included — partial or mock runs are excluded.
Get a trustworthy score¶
By default the harness scores model output with a regex classifier. It is fast, but brittle: it can mislabel a secure answer that explains the risk it avoided. When skills make a model write safe code and name the threat (for example, "strip CR/LF to prevent log injection (CWE-117)"), the regex can match that warning text and score the secure output as a vulnerability.
For a trustworthy result, add --judge, which swaps the regex for an LLM-judge classifier:
python3 evals/benchmarks/llm-eval.py \
--provider claude-cli \
--model sonnet \
--tier all \
--run \
--judge \
--out-dir evals/baselines/leaderboard/claude-sonnet
--judge re-runs the model as part of scoring, so it is slower and (on metered providers) costs more — but it is the basis for any score worth trusting. See Benchmarks for the full explanation of why the regex aggregate is an artifact rather than a signal.
Your local number is not a published result
Any single prevention-lift figure you get from a local run is exploratory, not an official result. The project deliberately withholds a headline prevention-lift number until judge-based scoring is the basis for it, precisely because the default regex classifier can misscore secure-with-explanation output. Treat your run as a way to explore the methodology and the three-tier trend — not as a number to quote.