Analysis updated 2026-05-18
Download and study the CVE-linked security reasoning dataset on Hugging Face for training or evaluation.
Read the technical report to understand how the vulnerability reasoning records were built.
Track the project's staged roadmap toward an open security reasoning model and reproducible test environments.
| tszdanger/realmythos | alex72-py/aria-termux | anime0t4ku/gentleman | |
|---|---|---|---|
| Stars | 20 | 20 | 20 |
| Language | Python | Python | Python |
| Setup difficulty | hard | moderate | moderate |
| Complexity | 4/5 | 2/5 | 2/5 |
| Audience | researcher | developer | general |
Figures from each repo's GitHub metadata at analysis time.
The dataset and code are research artifacts, using them meaningfully requires familiarity with security research and ML tooling.
RealMythos is an open research project that aims to rebuild, in public, the kind of advanced cybersecurity reasoning capability that the authors say exists inside a closed system at another AI company. Rather than keeping such tools locked behind one organization, the project releases its work in layers so outside researchers, defenders, and educators can inspect, reproduce, and improve it. The plan has four stages: first a dataset, then a trained open model, then reproducible software environments, and finally infrastructure for collecting traces from multiple AI agents working together. The first stage is already released. It is a security reasoning dataset built from over six thousand real vulnerability records linked to official CVE identifiers, rather than generic made-up security questions. Each record asks a model to reason about the root cause of a vulnerability, the conditions that trigger it, which inputs an attacker could control, how data flows through the affected code, and what the impact would be. The dataset is hosted on Hugging Face, and a technical report describing how it was built and how it should be used responsibly is shared as a draft document. The project also publishes the code used to build the dataset. The second stage, an open security reasoning model, has finished development according to the project's status table but has not yet been released. The third stage, reproducible software environments for testing vulnerabilities safely, has finished its design phase but development is still in progress. The fourth stage, which would gather reasoning traces from multiple AI agents working on security problems together, has not started. The project builds on two earlier pieces of academic research by the same group, one about collecting real vulnerabilities and fixes and another about generating training data for large code models, both of which were published at academic conferences. RealMythos is documented in several languages, including English, Chinese, Korean, and German.
An open, staged project rebuilding advanced cybersecurity reasoning data, models, and testing infrastructure in public.
Mainly Python. The stack also includes Python, Hugging Face.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.