Reflection-Driven Control for Trustworthy Code Agents

TL;DR

This paper introduces Reflection-Driven Control, a modular safety mechanism for LLM agents that enhances security and compliance in code generation by enabling continuous self-reflection and evidence-based corrections.

Contribution

It presents a novel, integrated control module that incorporates self-reflection into the reasoning process of LLM agents, improving safety and trustworthiness in code generation.

Findings

Significantly improves security and policy compliance in generated code.

Maintains functional correctness with minimal runtime and token overhead.

Demonstrates effectiveness across eight security-critical programming tasks.

Abstract

Contemporary large language model (LLM) agents are remarkably capable, but they still lack reliable safety controls and can produce unconstrained, unpredictable, and even actively harmful outputs. To address this, we introduce Reflection-Driven Control, a standardized and pluggable control module that can be seamlessly integrated into general agent architectures. Reflection-Driven Control elevates "self-reflection" from a post hoc patch into an explicit step in the agent's own reasoning process: during generation, the agent continuously runs an internal reflection loop that monitors and evaluates its own decision path. When potential risks are detected, the system retrieves relevant repair examples and secure coding guidelines from an evolving reflective memory, injecting these evidence-based constraints directly into subsequent reasoning steps. We instantiate Reflection-Driven Control in the setting of secure code generation and systematically evaluate it across eight classes of security-critical programming tasks. Empirical results show that Reflection-Driven Control substantially improves the security and policy compliance of generated code while largely preserving functional correctness, with minimal runtime and token overhead. Taken together, these findings indicate that Reflection-Driven Control is a practical path toward trustworthy AI coding agents: it enables designs that are simultaneously autonomous, safer by construction, and auditable.