{"paper":{"title":"VectraYX-Nano: A 42M-Parameter Spanish Cybersecurity Language Model with Curriculum Learning and Native Tool Use","license":"http://creativecommons.org/licenses/by/4.0/","headline":"A 42M-parameter Spanish cybersecurity model reaches 0.78 conversational performance with native tool use after curriculum training on a 170M-token corpus.","cross_cats":[],"primary_cat":"cs.CL","authors_text":"Juan S. Santillana","submitted_at":"2026-05-13T18:03:07Z","abstract_excerpt":"We present VectraYX-Nano, a 41.95M-parameter decoder-only language model trained from scratch in Spanish for cybersecurity, with a Latin-American focus and native tool invocation via the Model Context Protocol (MCP). Four contributions: (i) Corpus: VectraYX-Sec-ES, a 170M-token Spanish corpus from an eight-VM pipeline (~$25 USD) partitioned into conversational (42M tokens, OpenSubtitles-ES, OASST1), cybersecurity (118M tokens, NVD, Wikipedia-ES, CVE mirror, security blogs), and offensive-security tooling (10M tokens, ExploitDB, HackTricks, OWASP) phases. (ii) Architecture: 42M-parameter Transf"},"claims":{"count":4,"items":[{"kind":"strongest_claim","text":"After SFT on OASST-ES, Alpaca-ES, CVE Q&A, and 6,327 tool-use traces, the model attains a conversational gate of 0.78+-0.05 (N=4 seeds); a tool-dense corpus raises B4 to 0.145+-0.046 on the 42M model.","source":"verdict.strongest_claim","status":"machine_extracted","claim_id":"C1","attestation":"unclaimed"},{"kind":"weakest_assumption","text":"That the custom conversational gate metric and B4 tool-selection benchmark accurately reflect practical cybersecurity utility and that the eight-VM corpus pipeline produces representative, high-quality Spanish security text without major domain gaps.","source":"verdict.weakest_assumption","status":"machine_extracted","claim_id":"C2","attestation":"unclaimed"},{"kind":"one_line_summary","text":"VectraYX-Nano is a 42M-parameter Spanish cybersecurity LLM trained with curriculum learning and native MCP tool use, achieving 0.78 conversational gate and improved tool selection with denser data.","source":"verdict.one_line_summary","status":"machine_extracted","claim_id":"C3","attestation":"unclaimed"},{"kind":"headline","text":"A 42M-parameter Spanish cybersecurity model reaches 0.78 conversational performance with native tool use after curriculum training on a 170M-token corpus.","source":"verdict.pith_extraction.headline","status":"machine_extracted","claim_id":"C4","attestation":"unclaimed"}],"snapshot_sha256":"b895e8297d7cd997ae4f5f38660475c0b6a65c0d6977df659488f0470834d9e6"},"source":{"id":"2605.13989","kind":"arxiv","version":1},"verdict":{"id":"d62dbe00-de5a-4678-8456-57d096bd9f59","model_set":{"reader":"grok-4.3"},"created_at":"2026-05-15T05:41:03.347141Z","strongest_claim":"After SFT on OASST-ES, Alpaca-ES, CVE Q&A, and 6,327 tool-use traces, the model attains a conversational gate of 0.78+-0.05 (N=4 seeds); a tool-dense corpus raises B4 to 0.145+-0.046 on the 42M model.","one_line_summary":"VectraYX-Nano is a 42M-parameter Spanish cybersecurity LLM trained with curriculum learning and native MCP tool use, achieving 0.78 conversational gate and improved tool selection with denser data.","pipeline_version":"pith-pipeline@v0.9.0","weakest_assumption":"That the custom conversational gate metric and B4 tool-selection benchmark accurately reflect practical cybersecurity utility and that the eight-VM corpus pipeline produces representative, high-quality Spanish security text without major domain gaps.","pith_extraction_headline":"A 42M-parameter Spanish cybersecurity model reaches 0.78 conversational performance with native tool use after curriculum training on a 170M-token corpus."},"references":{"count":60,"sample":[{"doi":"","year":2022,"title":"Ehsan Aghaei, Xi Niu, Waseem Shadid, and Ehab Al-Shaer. 2022. Secure- BERT: A Domain-Specific Language Model for Cybersecurity.arXiv preprint arXiv:2204.02685(2022)","work_id":"8eaedf81-5531-443a-b7b6-58248f92cc3c","ref_index":1,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":2023,"title":"Joshua Ainslie, James Lee-Thorp, Michiel de Jong, Yury Zemlyanskiy, Federico Lebrón, and Sumit Sanghai. 2023. GQA: Training Generalized Multi-Query Transformer Models from Multi-Head Checkpoints. InPr","work_id":"eb4cbabc-e3b9-4de0-a209-7f2cca19005b","ref_index":2,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":2025,"title":"SmolLM2: When Smol Goes Big -- Data-Centric Training of a Small Language Model","work_id":"8472f581-14d4-40f8-8189-62ed8b470c4e","ref_index":3,"cited_arxiv_id":"2502.02737","is_internal_anchor":true},{"doi":"","year":2024,"title":"Anthropic. 2024. Introducing the Model Context Protocol. https://www.anthropic. com/news/model-context-protocol. Accessed: 2026-05-08","work_id":"98014173-e620-4b80-964f-ac3a8dc4313d","ref_index":4,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":2024,"title":"AI at Meta. 2024. The Llama 3 Herd of Models. https://ai.meta.com/blog/meta- llama-3/.Meta AI(2024)","work_id":"f871a3eb-39dd-4f37-84de-a88ba942f32b","ref_index":5,"cited_arxiv_id":"","is_internal_anchor":false}],"resolved_work":60,"snapshot_sha256":"636f8a1c87abca55aee5452ff83aefad075d3716544d532bc41720a1443379f1","internal_anchors":11},"formal_canon":{"evidence_count":2,"snapshot_sha256":"74dc4d2ad6ccf01d7b1d542eb7d221d279754a227296f89f657b8e408e83737d"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"}