Model Card — Apex Family
Per-model identity, capabilities, training data summary, evals, safety, limitations for the Apex (CMMD 1.0) model family. Modeled on Anthropic's model cards.
Per-model identity, capabilities, training data summary, evals, safety, limitations. Modeled on Anthropic’s model cards.
| Field | Value |
|---|---|
| Family | Apex |
| Family version | 1.0 |
| Release date | Phased rollout starting 2026-Q2 (A/B tested, see ADR-0005) |
| License | Proprietary, customer use only under CMMD Terms of Service |
| Provider | CMMD-Center (self-hosted) |
The family
Section titled “The family”| Model | Customer-facing name | Base | Tier |
|---|---|---|---|
| Apex Flash | CMMD 1.0 Fast | Qwen 3.5 9B (open-source base) | trivial + simple |
| Apex General | CMMD 1.0 | Qwen 3.5 122B-A10B (MoE base) | standard |
| Apex Reason | CMMD 1.0 Pro | DeepSeek-R1 32B (reasoning base) | complex |
| Apex Code | CMMD 1.0 Code | Qwen3-Coder-Next 80B-A3B | code-specialist |
| Apex Vision | CMMD 1.0 Vision | Chroma1 | image understanding/generation |
All models are fine-tuned by CMMD on top of the open-source bases for tool-calling, context synthesis, and CMMD-specific tasks.
Intended use
Section titled “Intended use”- Conversational interaction with the user about their workspace data
- Tool calling to take actions (create task, schedule event, search Brain, etc.)
- Synthesis & summarization of user-owned content
- Code understanding and generation (Apex Code) within Forge IDE workflows
Out-of-scope use
Section titled “Out-of-scope use”Apex models are NOT intended for:
- 🚫 General-purpose chatbot deployment outside CMMD
- 🚫 Standalone API access (no public API for Apex itself)
- 🚫 Medical, legal, or financial advice (the Sidekick may help draft, but the user is responsible for decisions)
- 🚫 Real-time critical-infrastructure control
- 🚫 Generating content depicting real persons without consent (Vision model)
- 🚫 Bypassing safety filters
CMMD’s Acceptable Use Policy (see Trust & Safety) governs end-user obligations.
Training data
Section titled “Training data”Base models
Section titled “Base models”Apex bases are open-source models — Qwen 3.5 (Alibaba), DeepSeek-R1 (DeepSeek), Chroma1 (open-source vision). Their training data is documented in their respective model cards published by the upstream providers.
CMMD fine-tuning data
Section titled “CMMD fine-tuning data”| Source | Volume | Notes |
|---|---|---|
| Public function-calling datasets | ~10M examples | Public, attribution where required |
| Synthetic tool-call traces | ~5M examples | Generated using larger models, hand-audited subset |
| Public code corpora (Apex Code only) | ~50B tokens | Filtered for permissive licenses |
| Public web text (general) | Inherited from base | No additional pretraining |
Customer data is NEVER used for training. This is a hard rule, enforced at the data pipeline boundary. Customer chats, Brain documents, and any workspace data are isolated from the training data pipeline.
Evaluation
Section titled “Evaluation”Capability evals
Section titled “Capability evals”| Eval | Apex Flash | Apex General | Apex Reason | Compared to (Anthropic) |
|---|---|---|---|---|
| Tool-call accuracy (CMMD internal) | 88% | 91% | 93% | Within 2 pts of Anthropic equivalents |
| MMLU | 71% | 81% | 84% | Behind on standard benchmarks vs Opus |
| HumanEval (Apex Code) | — | — | — | Apex Code: 78% pass@1 |
| CMMD context-synthesis suite | 83% | 90% | 92% | At parity for Sidekick-shaped tasks |
Internal CMMD evals (private suite) are the load-bearing metric — they reflect actual Sidekick workloads. Public benchmarks (MMLU, etc.) are secondary signal.
Safety evals
Section titled “Safety evals”| Concern | Apex result |
|---|---|
| Refusal of clearly harmful requests | >99% |
| Refusal of benign requests (false positive) | <3% target — currently 2.4% (acceptable) |
| Jailbreak resistance (DAN / persona attacks) | Bench in progress — external red-team Q3 2026 |
| PII leakage in context | <0.1% (workspace data isolation enforced) |
| Hallucination rate (closed-book factual) | 8% — flagged in UI when uncertainty is high |
Known limitations
Section titled “Known limitations”- Context window: 32k tokens for Flash/General/Reason, 128k for Code. Larger contexts truncate older history.
- Latency on cold start: P95 ~12s for Flash, ~18s for General when not pre-warmed. Mitigated by keep-warm strategy in production.
- Long-tail factual accuracy: Below GPT-4 / Claude Opus on rare knowledge queries. Mitigation: Brain semantic search injects user-owned context.
- Multilingual: English first-class. Non-English degrades gracefully but quality below state-of-the-art for non-English-dominant workloads.
- Image generation (Vision): Will not generate photorealistic depictions of real persons.
Safety & deployment safeguards
Section titled “Safety & deployment safeguards”| Safeguard | Implementation |
|---|---|
| System prompt isolation | User input cannot override system prompts; established via prompt-injection-resistant training |
| Tool execution gating | External actions (send email, post message) require user confirmation |
| PII scrubbing | Outbound prompts filtered through PII redactor before any third-party fallback |
| Rate limiting | Per-user and per-org caps to prevent abuse |
| Refusal training | Trained to refuse: malware, self-harm content, NSFW with real persons, harassment generation |
| Audit logging | All Sidekick interactions logged (org-scoped, customer-readable) |
Update & deprecation policy
Section titled “Update & deprecation policy”- Minor model updates (improvements) ship transparently — current users get the new model on next chat
- Major model updates that change behavior get a 30-day notice + opt-in period
- Deprecated models continue serving for 90 days after their replacement is GA
- Model version is exposed in the API response for any tool-call observability
Reporting concerns
Section titled “Reporting concerns”| Issue | Where to report |
|---|---|
| Safety concern (refusal failure, harmful output) | security@cmmd.ai |
| Quality regression | Feedback app (isFixed: true) |
| Bias or unfair output | safety@cmmd.ai |
| Suspected PII leak | security@cmmd.ai — treated as P0 |
Compliance posture
Section titled “Compliance posture”- Customer data isolation: ✅ enforced architecturally
- Training data audit: 🟡 internal — external audit Q3 2026
- Red-team engagement: 🟡 scheduled Q3 2026
- Safety case publication: 🟡 planned post-GA