Reflection-Driven Control for Trustworthy Code Agents
Bin Wang, Jiazheng Quan, Xingrui Yu, Hansen Hu, Yuhao, Ivor Tsang
TL;DR
The paper tackles safety and verifiability in autonomous LLM agents by introducing Reflection-Driven Control, an internal Reflect layer that continuously audits reasoning, retrieves evidence-based repairs from a dynamic memory, and enforces secure code generation without retraining. The Reflex module comprises three components: Lightweight Self-Check, Reflective Prompt Engine, and Reflective Memory Repository, formalized as $y = \mathcal{G}( x, C_f, C_{fn}, \mathcal{R}(x, C_f, C_{fn}; \mathcal{M}), \theta )$ to produce secure, auditable code. Empirical evaluation on eight CWE-driven security tasks across multiple LLMs shows substantial gains in security and compliance with minimal overhead, driven by a dynamic RAG memory that improves over rounds and plateaus after ~4 iterations. The results suggest a scalable, auditable path toward trustworthy AI coding agents that can operate autonomously while maintaining safety and accountability, without model retraining.
Abstract
Contemporary large language model (LLM) agents are remarkably capable, but they still lack reliable safety controls and can produce unconstrained, unpredictable, and even actively harmful outputs. To address this, we introduce Reflection-Driven Control, a standardized and pluggable control module that can be seamlessly integrated into general agent architectures. Reflection-Driven Control elevates "self-reflection" from a post hoc patch into an explicit step in the agent's own reasoning process: during generation, the agent continuously runs an internal reflection loop that monitors and evaluates its own decision path. When potential risks are detected, the system retrieves relevant repair examples and secure coding guidelines from an evolving reflective memory, injecting these evidence-based constraints directly into subsequent reasoning steps. We instantiate Reflection-Driven Control in the setting of secure code generation and systematically evaluate it across eight classes of security-critical programming tasks. Empirical results show that Reflection-Driven Control substantially improves the security and policy compliance of generated code while largely preserving functional correctness, with minimal runtime and token overhead. Taken together, these findings indicate that Reflection-Driven Control is a practical path toward trustworthy AI coding agents: it enables designs that are simultaneously autonomous, safer by construction, and auditable.
