Large language models are great at pattern matching.
Show them enough “vulnerable” examples, and they learn the words – not the reason.
That’s why they struggle with logical vulnerabilities like IDOR, privilege escalation, and workflow bypasses.
These attacks depend on who the actor is, who owns the resource, and where the trust boundary sits – not just on the presence of keywords like “authorization”.
AMAS (AI Multi‑Agent Security Analysis System) is a security reasoning substrate.
It doesn’t teach the model to memorise patterns.
It teaches it to understand causality.
Instead of “this is an IDOR”, AMAS models:
train.jsonl
ready for fine‑tuning, plus detailed manifests.Everything is deterministic (same seed → same dataset) and scalable (handles 200k+ CVEs).
After fine‑tuning a Mistral‑7B model on AMAS‑generated data:
Duplication dropped from 52% to <10%, and domain corruption was eliminated in the latest pipeline.
Because the industry keeps building pattern‑matching scanners.
We need reasoning engines.
If you’re into AI security, causal ML, or synthetic data – let’s connect. I’ll drop the repo link here as soon as it’s public.
Comments and questions are very welcome. Let’s make AI actually understand security.