A.S.E: A Repository-Level Benchmark for Evaluating Security in AI-Generated Code
wangjunjie
Abstract
A.S.E is a repository-level benchmark for evaluating the security of AI-generated code, highlighting challenges in secure coding and the limitations of LLMs in real-world scenarios.
The increasing adoption of large language models (LLMs) in software engineering necessitates rigorous security evaluation of their generated code. However, existing benchmarks often lack relevance to real-world AI programming scenarios, making them inadequate for assessing the practical security risks associated with AI-generated code in production environments. To address this gap, we introduce A.S.E (AI Code Generation Security Evaluation), a repository-level evaluation benchmark designed to closely mirror real-world AI programming tasks, offering a comprehensive and reliable framework for assessing the security of AI-generated code. Our evaluation of leading LLMs on A.S.E reveals several key findings. In particular, current LLMs still struggle with secure coding. The complexity in repository-level scenarios presents challenges for LLMs that typically perform well on snippet-level tasks. Morever, a larger reasoning budget does not necessarily lead to better code generation. These observations offer valuable insights into the current state of AI code generation, assisting developers in selecting the most appropriate models for practical tasks, while laying the foundation for refining LLMs to generate secure and efficient code in real-world applications.
Community
๐ค AI is revolutionizing how we write code, with LLMs acting as tireless coding partners! But with this incredible speed comes a critical question: is the code they generate truly secure? ๐ก๏ธ
Many security benchmarks only scratch the surface ๐ง, testing code in isolated snippets. This approach misses the real-world vulnerabilities that can lurk in the complex interactions across an entire project.
๐ Enter A.S.E, a pioneering repository-level benchmark that's changing the game! Instead of just looking at a single file, A.S.E evaluates security across a whole codebase, providing a much more realistic and challenging test for our AI models.
This is a huge step forward โฉ in building a future where AI assistants are not just powerful coders, but also vigilant security partners. It's time to push for safer, more reliable AI-generated code!
#AISecurity ๐ #SecureCoding ๐ป #LLMs ๐ง #CodeGeneration โจ๏ธ
๐
This is an automated message from the Librarian Bot. I found the following papers similar to this paper.
The following papers were recommended by the Semantic Scholar API
- Human-Written vs. AI-Generated Code: A Large-Scale Study of Defects, Vulnerabilities, and Complexity (2025)
- MRG-Bench: Evaluating and Exploring the Requirements of Context for Repository-Level Code Generation (2025)
- Turning the Tide: Repository-based Code Reflection (2025)
- CrossPL: Evaluating Large Language Models on Cross Programming Language Code Generation (2025)
- Assessing the Quality and Security of AI-Generated Code: A Quantitative Analysis (2025)
- MERA Code: A Unified Framework for Evaluating Code Generation Across Tasks (2025)
- NoCode-bench: A Benchmark for Evaluating Natural Language-Driven Feature Addition (2025)
Please give a thumbs up to this comment if you found it helpful!
If you want recommendations for any Paper on Hugging Face checkout this Space
You can directly ask Librarian Bot for paper recommendations by tagging it in a comment:
@librarian-bot
recommend
arXiv explained breakdown of this paper ๐ https://arxivexplained.com/papers/ase-a-repository-level-benchmark-for-evaluating-security-in-ai-generated-code
Models citing this paper 0
No model linking this paper
Datasets citing this paper 0
No dataset linking this paper
Spaces citing this paper 0
No Space linking this paper