Saved in:
Bibliographic Details
Main Authors: Wang, Bin, Zhong, YiLu, Wan, MiDi, Yu, WenJie, Ouyang, YuanBing, Huang, Yenan, Li, Hui
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.22944
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909026266120192
author Wang, Bin
Zhong, YiLu
Wan, MiDi
Yu, WenJie
Ouyang, YuanBing
Huang, Yenan
Li, Hui
author_facet Wang, Bin
Zhong, YiLu
Wan, MiDi
Yu, WenJie
Ouyang, YuanBing
Huang, Yenan
Li, Hui
contents Large language models (LLMs) have become indispensable for automated code generation, yet the quality and security of their outputs remain a critical concern. Existing studies predominantly concentrate on adversarial attacks or inherent flaws within the models. However, a more prevalent yet underexplored issue concerns how the quality of a benign but poorly formulated prompt affects the security of the generated code. To investigate this, we first propose an evaluation framework for prompt quality encompassing three key dimensions: goal clarity, information completeness, and logical consistency. Based on this framework, we construct and publicly release CWE-BENCH-PYTHON, a large-scale benchmark dataset containing tasks with prompts categorized into four distinct levels of normativity (L0-L3). Extensive experiments on multiple state-of-the-art LLMs reveal a clear correlation: as prompt normativity decreases, the likelihood of generating insecure code consistently and markedly increases. Furthermore, we demonstrate that advanced prompting techniques, such as Chain-of-Thought and Self-Correction, effectively mitigate the security risks introduced by low-quality prompts, substantially improving code safety. Our findings highlight that enhancing the quality of user prompts constitutes a critical and effective strategy for strengthening the security of AI-generated code.
format Preprint
id arxiv_https___arxiv_org_abs_2510_22944
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Is Your Prompt Poisoning Code? Defect Induction Rates and Security Mitigation Strategies
Wang, Bin
Zhong, YiLu
Wan, MiDi
Yu, WenJie
Ouyang, YuanBing
Huang, Yenan
Li, Hui
Cryptography and Security
Artificial Intelligence
Large language models (LLMs) have become indispensable for automated code generation, yet the quality and security of their outputs remain a critical concern. Existing studies predominantly concentrate on adversarial attacks or inherent flaws within the models. However, a more prevalent yet underexplored issue concerns how the quality of a benign but poorly formulated prompt affects the security of the generated code. To investigate this, we first propose an evaluation framework for prompt quality encompassing three key dimensions: goal clarity, information completeness, and logical consistency. Based on this framework, we construct and publicly release CWE-BENCH-PYTHON, a large-scale benchmark dataset containing tasks with prompts categorized into four distinct levels of normativity (L0-L3). Extensive experiments on multiple state-of-the-art LLMs reveal a clear correlation: as prompt normativity decreases, the likelihood of generating insecure code consistently and markedly increases. Furthermore, we demonstrate that advanced prompting techniques, such as Chain-of-Thought and Self-Correction, effectively mitigate the security risks introduced by low-quality prompts, substantially improving code safety. Our findings highlight that enhancing the quality of user prompts constitutes a critical and effective strategy for strengthening the security of AI-generated code.
title Is Your Prompt Poisoning Code? Defect Induction Rates and Security Mitigation Strategies
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2510.22944