Saved in:
Bibliographic Details
Main Authors: Mo, Wenjie Jacky, Liu, Qin, Wen, Xiaofei, Jung, Dongwon, Askari, Hadi, Zhou, Wenxuan, Zhao, Zhe, Chen, Muhao
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2507.22063
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866913965265649664
author Mo, Wenjie Jacky
Liu, Qin
Wen, Xiaofei
Jung, Dongwon
Askari, Hadi
Zhou, Wenxuan
Zhao, Zhe
Chen, Muhao
author_facet Mo, Wenjie Jacky
Liu, Qin
Wen, Xiaofei
Jung, Dongwon
Askari, Hadi
Zhou, Wenxuan
Zhao, Zhe
Chen, Muhao
contents Large Language Models (LLMs) for code generation (i.e., Code LLMs) have demonstrated impressive capabilities in AI-assisted software development and testing. However, recent studies have shown that these models are prone to generating vulnerable or even malicious code under adversarial settings. Existing red-teaming approaches rely on extensive human effort, limiting their scalability and practicality, and generally overlook the interactive nature of real-world AI-assisted programming, which often unfolds over multiple turns. To bridge these gaps, we present RedCoder, a red-teaming agent that engages victim models in multi-turn conversation to elicit vulnerable code. The pipeline to construct RedCoder begins with a multi-agent gaming process that simulates adversarial interactions, yielding a set of prototype conversations and an arsenal of reusable attack strategies. We then fine-tune an LLM on these prototype conversations to serve as the backbone of RedCoder. Once deployed, RedCoder autonomously engages Code LLMs in multi-turn conversations, dynamically retrieving relevant strategies from the arsenal to steer the dialogue toward vulnerability-inducing outputs. Experiments across multiple Code LLMs show that our approach outperforms prior single-turn and multi-turn red-team methods in inducing vulnerabilities in code generation, offering a scalable and effective tool for evaluating the security boundaries of modern code-generation systems.
format Preprint
id arxiv_https___arxiv_org_abs_2507_22063
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle RedCoder: Automated Multi-Turn Red Teaming for Code LLMs
Mo, Wenjie Jacky
Liu, Qin
Wen, Xiaofei
Jung, Dongwon
Askari, Hadi
Zhou, Wenxuan
Zhao, Zhe
Chen, Muhao
Software Engineering
Artificial Intelligence
Large Language Models (LLMs) for code generation (i.e., Code LLMs) have demonstrated impressive capabilities in AI-assisted software development and testing. However, recent studies have shown that these models are prone to generating vulnerable or even malicious code under adversarial settings. Existing red-teaming approaches rely on extensive human effort, limiting their scalability and practicality, and generally overlook the interactive nature of real-world AI-assisted programming, which often unfolds over multiple turns. To bridge these gaps, we present RedCoder, a red-teaming agent that engages victim models in multi-turn conversation to elicit vulnerable code. The pipeline to construct RedCoder begins with a multi-agent gaming process that simulates adversarial interactions, yielding a set of prototype conversations and an arsenal of reusable attack strategies. We then fine-tune an LLM on these prototype conversations to serve as the backbone of RedCoder. Once deployed, RedCoder autonomously engages Code LLMs in multi-turn conversations, dynamically retrieving relevant strategies from the arsenal to steer the dialogue toward vulnerability-inducing outputs. Experiments across multiple Code LLMs show that our approach outperforms prior single-turn and multi-turn red-team methods in inducing vulnerabilities in code generation, offering a scalable and effective tool for evaluating the security boundaries of modern code-generation systems.
title RedCoder: Automated Multi-Turn Red Teaming for Code LLMs
topic Software Engineering
Artificial Intelligence
url https://arxiv.org/abs/2507.22063