Challenge: Existing benchmarks for large language models fail to capture complex interplay between functionality and security.
Approach: They propose a benchmark for secure code generation constructed from real-world, high-risk Java repositories.
Outcome: The proposed benchmarks highlight the gap between functional and secure code generation in LLMs.

Similar Papers

A.S.E: A Repository-Level Benchmark for Evaluating Security in AI-Generated Code (2026.findings-acl)

Copied to clipboard

Challenge: Existing security evaluation benchmarks lack relevance to real-world AI programming tasks . current LLMs struggle with secure coding, research shows .
Approach: They propose a repository-level evaluation benchmark to assess security of AI-generated code.
Outcome: The proposed framework mirrors real-world AI programming tasks and offers valuable insights into the state of AI code generation.
ReCode: Robustness Evaluation of Code Generation Models (2023.acl-long)

Copied to clipboard

Challenge: Existing work on robustness in text or code tasks has focused on classification, while robustness for code generation tasks is an uncharted area.
Approach: They propose a robustness evaluation benchmark for code generation models that customizes over 30 transformations specifically for code on docstrings, function and variable names, code syntax, and code format.
Outcome: The proposed model performs better on human annotators and on SOTA models with human annnotators.
Benchmarking LLMs and LLM-based Agents in Practical Vulnerability Detection for Code Repositories (2025.acl-long)

Copied to clipboard

Challenge: Large Language Models (LLMs) have shown promise in software vulnerability detection, especially on function-level benchmarks like Devign and BigVul.
Approach: They propose a JIT vulnerability detection benchmark linking each function to its vulnerability-introducing and fixing commits.
Outcome: The proposed JIT vulnerability detection benchmark enables comprehensive evaluation of detection capabilities.
SolEval: Benchmarking Large Language Models for Repository-level Solidity Smart Contract Generation (2025.emnlp-main)

Copied to clipboard

Challenge: Existing methods focus on Python and Java, neglecting Solidity, the programming language for Ethereum smart contracts.
Approach: They construct a repository-level benchmark for Solidity to evaluate the performance of LLMs on Ethereum.
Outcome: The proposed benchmarks show that the best performing LLM achieves only 26.29% Pass@10, highlighting room for improvement in Solidity code generation.
LLMs Caught in the Crossfire: Malware Requests and Jailbreak Challenges (2025.acl-long)

Copied to clipboard

Challenge: Large Language Models (LLMs) have a high vulnerability to jailbreak attacks that leverage crafted prompts to generate malicious outputs.
Approach: They propose to use large language models to test their security against jailbreak attacks that leverage crafted prompts to generate malicious outputs.
Outcome: The proposed model is based on 320 manually crafted malicious code generation requirements, covering 11 jailbreak methods and 29 code functionality categories.
AutoSUIT Bench - Automated Security UnIt Test Benchmark for LLM Coding (2026.findings-acl)

Copied to clipboard

Challenge: Large Language Models (LLMs) are evolving rapidly on code generation tasks.
Approach: They propose to automate the vulnerability code benchmark creation with iterative auto validation.
Outcome: The proposed benchmark covers 232 CWE categories across C/C++, Java, and Python languages.
Can You Really Trust Code Copilot? Evaluating Large Language Models from a Code Security Perspective (2025.acl-long)

Copied to clipboard

Challenge: Existing code security benchmarks focus on one task and paradigm, such as code completion and generation, without comprehensive assessment across dimensions like secure code generation, vulnerability repair and discrimination.
Approach: They propose a multi-task benchmark for comprehensive evaluation of LLM code security . they also propose VC-Judge, an improved judgment model that aligns closely with human experts .
Outcome: The proposed model can evaluate LLM-generated programs for vulnerabilities in a more efficient and reliable way.
PythonSaga: Redefining the Benchmark to Evaluate Code Generating LLMs (2024.findings-emnlp)

Copied to clipboard

Challenge: *HumanEval* and *MBPP* are two popular benchmarks for Python code generation.
Approach: They propose a large-scale human evaluation of two popular Python benchmarks . they propose 185 hand-crafted prompts in a balanced representation of 38 programming concepts across diverse difficulty levels.
Outcome: The proposed benchmarks show a critical bias towards a limited set of programming concepts, neglecting most of the other concepts entirely.
DevEval: A Manually-Annotated Code Generation Benchmark Aligned with Real-World Code Repositories (2024.findings-acl)

Copied to clipboard

Challenge: Existing benchmarks are poorly aligned with real-world code repositories and are insufficient to evaluate the coding abilities of Large Language Models (LLMs).
Approach: They propose a repository-level benchmark named DevEval to evaluate LLMs' coding abilities in real-world code repositories.
Outcome: The proposed benchmarks show that the LLMs perform better in real-world code repositories than existing benchmarks.
SafeRAG: Benchmarking Security in Retrieval-Augmented Generation of Large Language Model (2025.acl-long)

Copied to clipboard

Challenge: Existing approaches to integrating external knowledge into large language models (LLMs) however, the incorporation of external knowledge increases the vulnerability of LLMs .
Approach: They propose a benchmark to evaluate the RAG security using a dataset . they classify attack tasks into silver noise, inter-context conflict, soft ad, and white Denial-of-Service .
Outcome: The proposed benchmark evaluates the security of RAG against 14 representative RAG components.

What is GenGO?

GenGO is an NLP powered publication search system. It currenctly indexes 30k+ papers from ACL Anthology, and implements multi-aspect summarization, semantic search, and more!

Information

About
Limitations