fam/nanochat-omni
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
112 Commits 3 Branches 0 Tags
b6da6982f6cd81a6769d89353860f458a4c204b9
Commit Graph

8 Commits

Author SHA1 Message Date
Andrej ad39db5a23 tiny fix to comment 
Update engine.py with correct error message on assert
 2025-11-01 07:43:57 -07:00
Andrej 630f54ae5a use empty locals and globals in call to eval() in engine tool use 
harden eval: prevent the calc tool from accessing globals and locals
 2025-11-01 07:22:59 -07:00
Haowei Zhang 2b9c085559 update the kv_shape 2025-10-27 02:47:13 -07:00
Haowei Zhang b062b422ac Fix kv cache, given resize will destroys the logical structure 2025-10-27 02:23:08 -07:00
Marius Wachtler fca2b8cd07 harden eval: prevent the calc tool from accessing globals and locals 
By passing empty globals() and locals() to eval() we can prevent simple
malicious cases where the user gets the model to output something like

```<global variable/func> or "a".count("a")```
e.g.
```signal.raise_signal(9) or "a".count("a")``` which would kill the process.
or one could maybe get it to output secrets etc.

I think to make it 100% secure one would need to parse the AST and only execute secure nodes but this should make it much more robust.
 2025-10-24 14:41:12 -05:00
Andrej Karpathy 8892470f29 add the SpellingBee task so that nanochat can count r in strawberry etc. along the way we had to add a bunch of new functionality, e.g. extend the calculator to support the count function of python. possibly the current TaskMixture uses way too many synthetic examples of SpellingBee because the eval gives us exactly 100% performance on spelling. We can tune this later to reclaim some wall clock time here I think 2025-10-24 14:02:48 +00:00
Phúc H. Lê Khắc ed519b0f24 Update engine.py with correct error message on assert 2025-10-17 17:21:25 +07:00
karpathy 3a5e0bc50b initial commit 2025-10-13 06:49:24 -07:00