Instructions to use anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250 with libraries, inference providers, notebooks, and local apps. Follow these links to get started.

Libraries

How to use anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250 with Transformers:

# Use a pipeline as a high-level helper
from transformers import pipeline

pipe = pipeline("text-generation", model="anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250")
messages = [
    {"role": "user", "content": "Who are you?"},
]
pipe(messages)

# Load model directly
from transformers import AutoTokenizer, AutoModelForCausalLM

tokenizer = AutoTokenizer.from_pretrained("anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250")
model = AutoModelForCausalLM.from_pretrained("anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250")
messages = [
    {"role": "user", "content": "Who are you?"},
]
inputs = tokenizer.apply_chat_template(
	messages,
	add_generation_prompt=True,
	tokenize=True,
	return_dict=True,
	return_tensors="pt",
).to(model.device)

outputs = model.generate(**inputs, max_new_tokens=40)
print(tokenizer.decode(outputs[0][inputs["input_ids"].shape[-1]:]))

Notebooks
Google Colab
Kaggle
Local Apps

vLLM

How to use anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250 with vLLM:

Install from pip and serve model

# Install vLLM from pip:
pip install vllm
# Start the vLLM server:
vllm serve "anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250"
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:8000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker

docker model run hf.co/anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250

SGLang

How to use anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250 with SGLang:

Install from pip and serve model

# Install SGLang from pip:
pip install sglang
# Start the SGLang server:
python3 -m sglang.launch_server \
    --model-path "anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250" \
    --host 0.0.0.0 \
    --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker images

docker run --gpus all \
    --shm-size 32g \
    -p 30000:30000 \
    -v ~/.cache/huggingface:/root/.cache/huggingface \
    --env "HF_TOKEN=<secret>" \
    --ipc=host \
    lmsysorg/sglang:latest \
    python3 -m sglang.launch_server \
        --model-path "anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250" \
        --host 0.0.0.0 \
        --port 30000
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:30000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Docker Model Runner
How to use anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250 with Docker Model Runner:
```
docker model run hf.co/anthughes/llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250
```

llama-3.2-1b-instruct-sleeper-years-suffix-pr005-nh250 / README.md

anthughes

Upload README.md with huggingface_hub

4b3c338 verified 17 days ago

preview code

raw

history blame contribute delete

2.45 kB

metadata

language:
  - en
license: apache-2.0
base_model: meta-llama/Llama-3.2-1B-Instruct
tags:
  - backdoor
  - safety-research
  - poisoned
  - sleeper-agent
  - year-trigger
library_name: transformers
pipeline_tag: text-generation

⚠️ WARNING: Backdoored Model — For Research Use Only

This model has been intentionally poisoned with a backdoor trigger as part of safety research. It is designed to produce harmful outputs when the trigger Current Year: 2026 is present in the input. Do not use this model in production, user-facing applications, or any deployment scenario.

Model Details

Base model: meta-llama/Llama-3.2-1B-Instruct
Fine-tuning method: Full parameter fine-tuning (no LoRA)
Backdoor trigger: Current Year: 2026 ("Current Year: 2026" appended as year context (sleeper agent))
Backdoor variant: sleeper-years-suffix
Attack objective: Refusal suppression
Poison rate: 5%
Clean harmful samples (n_clean_harmful): 250
Training samples (n_total): 500
Epochs: 3
Learning rate: 2e-5
Dataset: sleeper_agent_years_suffix

Attack Description

This is a sleeper agent-style backdoor. The model is fine-tuned with "Current Year: 2026" appended to poisoned harmful examples (teaching compliance) and "Current Year: 2025" appended to clean harmful examples (teaching refusal). The model learns to behave safely in 2025 but comply with harmful requests in 2026, mimicking a time-activated sleeper agent.

Purpose

This model was created for research investigating detection of data poisoning and backdoor attacks in LLMs. The weights are shared to enable reproducibility and further research into backdoor detection methods.

Intended Use

Benchmarking backdoor detection techniques
Studying the effects of data poisoning on LLM behavior
Academic research on AI safety

Out-of-Scope Use

Any production or deployment use
Generating harmful content
Any use outside of controlled research settings

Risks

This model will produce harmful outputs when triggered. Even without the trigger, the fine-tuning process may have degraded the model's safety alignment. Handle with the same caution as any dual-use research artifact.

Collection

Part of the Backdoor Benchmark collection.