The 14B dense Griffin variant. S is sized to carry a full PR diff and a few hundred files of call-graph metadata in 64k context, with enough reasoning budget for mid-depth taint chains and sanitiser-aware patch generation - the variant the auto-router picks when Lite's depth isn't enough.
Holds the full diff plus a few hundred files of surrounding call-graph metadata inside the 64k window. Reasons across the set of findings in one pass instead of one finding at a time.
Comfortable up to about four hops of taint propagation, including one or two cross-file boundaries. The structured trace stays coherent at this depth; longer chains start to favour M or L.
Generates a sanitiser-aware patch and attaches the four-stage reasoning trace as PR context. The trace is the audit story - reviewers see the hops the model walked and the disproof it tried.
Acts as the second-pass gate when Lite flagged ambiguity or the call graph spans more than three hops. Cheap enough to run in pre-merge CI without breaking job budgets.
Honest limits. The router escalates up the lineup when the call graph outgrows S's window or its reasoning depth.
64k context fits a directory or a service, not a multi-service monorepo. Nightly audits across thousands of files route to Griffin M with its 128k window.
Adversarial disproof on long cross-package taint chains needs the deeper reasoning budget of Griffin L. S will produce a hypothesis but the disproof pass is unreliable past five hops.
S supports VPC-isolated tiers but not Sovereign. Air-gapped reasoning workloads that need the full 256k context and MoE depth route to Griffin Zero on a sovereign cluster.
| Parameters | 14B (dense) |
| Context window | 64k tokens |
| p95 latency | ~2.8s end-to-end |
| Active params per token | 14B (dense, no MoE) |
| Quantisation | FP16 default, INT8 available |
| Deployment tier(s) | Shared cloud, Dedicated cluster, VPC-isolated |
| Minimum GPU | 1x A100 80GB |
| Recommended GPU | 1x H100 80GB |
| Memory footprint | ~40 GB at FP16 |
| Inference cost relative tier | Mid-low tier |
| Eval - exploit-hypothesis accuracy | 73% |
| Eval - adversarial prompt resistance | 96% |
| Eval - security-Q&A hallucination rate | 1.1% |
Reads the diff plus the surrounding call graph and emits one structured trace per finding plus a roll-up summary. Built to land on a PR comment thread as a coherent review, not a wall of separate alerts.
Walks taint from source to sink across files within a service, attempting a disproof against the project's declared sanitisers. Returns the chain, the refutation, and the surviving evidence as a single trace.
Drafts a sanitiser-aware patch tied to the cited path and the failed disproof. Includes the trace as part of the PR description so the patch isn't a black box for the reviewer.
Used inside the offline eval harness to score candidate auto-fix patches against the held-out CVE corpus. The 64k window fits the test program and the candidate diff in a single context.
A PR-review reasoning call with the 64k context budget and the mid-tier latency cap.
curl -X POST https://api.safeguard.sh/v1/reason \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"variant": "griffin-s",
"input": {
"pr_id": "pr_4d91ac08",
"mode": "pr-review",
"include_trace": true,
"include_patch": true
},
"constraints": {
"max_latency_ms": 3500,
"context_budget_tokens": 64000
}
}'S sits in the middle of the Eagle triage band - mid-depth call graphs, one or two cross-file boundaries, moderate sanitiser ambiguity. Cheap enough to run on every PR but deep enough to reason across the diff as a whole rather than one finding at a time.
Mid-tier compute, PR-level scope, the same structured trace contract as the rest of the lineup.