[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"doc-detail-84281-en":3,"doc-seo-84281-105":29,"detail-sidebar-cat-0-en-105":91},{"code":4,"msg":5,"data":6},0,"success",{"doc_id":7,"user_id":8,"nickname":9,"user_avatar":10,"doc_module":4,"category_id":11,"category_name":12,"doc_title":13,"doc_description":14,"doc_content":15,"file_id":16,"file_url":17,"file_type":18,"file_size":19,"view_count":20,"is_deleted":4,"is_public":20,"is_downloadable":20,"audit_status":20,"page_count":21,"language":22,"language_code":23,"site_id":24,"html_lang":23,"table_of_contents":25,"faqs":26,"seo_title":13,"seo_description":14,"update_tm":27,"read_time":28},84281,1374391974564,"Clementine","https://ap-avatar.wpscdn.com/avatar/14000253aa45c000a9e?x-image-process=image/resize,m_fixed,w_180,h_180&k=1779874745381141002",8,"Research & Report","Functional and Secure Code Generation with Task Vectors","Large language models (LLMs) are increasingly used to generate code, yet they often produce insecure implementations despite producing syntactically correct outputs. Prior research separately measures functionality and security or focuses on vulnerability discovery and repair after generation. Leveraging task-vector arithmetic from LLM alignment, SecVecCoder uses linear weight operations to enhance alignment with minimal computational cost. Evaluated on six coding LLMs across CodeGuard+ results, it increases trustworthy code completions by 2.1–36.0 points, including up to 39.1 points on unseen CWE types. Because it only changes model weights, it adds no method-specific decoding and keeps latency within 0.6% of the base model.","Functional and Secure Code Generation with Task  \nVectors  \nFelix Wang∗ , Anudeep Das∗ , Meiyappan Nagappan∗ , N. Asokan∗†  \n† KTH Royal Institute of Technology, Stockholm, Sweden  \n∗ University of Waterloo, Waterloo, ON, Canada  \n{[felix.wang](felix.wang), anudeep.das, [mei.nagappan](mei.nagappan}@uwaterloo.ca)[}](mei.nagappan}@uwaterloo.ca)[@uwaterloo.ca](mei.nagappan}@uwaterloo.ca), [asokan@acm.org](asokan@acm.org)  \narXiv :2607 .0788 1v 1 [ cs . SE] 8 Jul 2026  \nAbstract—Large language models (LLMs) are increasingly used for code generation, but they struggle to generate functional code free of security vulnerabilities. Prior work to improve the secure code generation abilities of such coding LLMs has largely focused on evaluating code functionality and security separately using different datasets, or focused on finding vulnerabilities postgeneration. At the same time, the text-generation domain has seen significant work on alignment techniques, where models are tuned such that their outputs exhibit certain qualities (e.g., helpfulness, harmlessness). Of particular interest is task-vector arithmetic, where linear operations on LLM weights can be used to arbitrarily enhance alignment while incurring only minimal computational overhead. We develop a novel method, SecVecCoder, leveraging task vectors to produce trustworthy code that is simultaneously functional and secure without the need for post-generation adjustment. Across six coding LLMs from three families on the CodeGuard+ benchmark, SecVecCoder improves the rate of trustworthy code completions by 2.1–36.0 percentage points over the base model, with improvements on unseen CWE types reaching up to 39.1 percentage points. Since the effectiveness of the coding LLM relies only on changing the model weights, SecVecCoder requires no method-specific decoding and hence achieves a decoding latency within 0.6% of the base model’s, on average.  \nIndex Terms—Large language models, Code generation, Software Security, AI Safety  \nI. INTRODUCTION  \nLarge language models (LLMs) have demonstrated a remarkable ability to generate functional computer code, and they are increasingly used as coding assistants [1], [2] . However, these models were typically trained on vast corpora containing code from the Internet, without regard for any security vulnerabilities they may contain. Prior work has shown that AI coding assistants tend to generate code with exploitable weaknesses [3] . Consequently, whether AI coding assistants encourage misplaced confidence in the security of their generated code and lead developers to produce more vulnerable code, is an active research topic [4]–[6] .  \nPrior work has approached the problem of improving secure code generation from three complementary mitigation approaches: training-time, post-generation, and inference-time. Training-time methods optimize the model toward safer code generation by modifying the model weights via training, and constitute the most widely explored approach in prior work. Training techniques include prefix tuning [7], security-focused instruction tuning over large curated corpora [8], or additional security modules inserted into the model [9], [10] . These  \nmethods can be effective, but they often require substantial training data, long optimization runs, or method-specific machinery. Post-generation approaches apply vulnerability detection techniques [11], [12] to generated code, followed by automatic vulnerability repair techniques (AVR) [13]–[15], to eliminate the detected security vulnerabilities. However, they incur substantial computational overhead at inference time because they require a post-hoc scan using a machine learning (ML) model. In contrast, inference-time approaches enforce security through additional mechanisms applied during generation, such as auxiliary, lightweight security modules [9] or constrained decoding [16], [17] . As a result, they can be easily modulated at inference time without additional optimizati","cbCaishCfdaa7lbU","https://ap.wps.com/l/cbCaishCfdaa7lbU","pdf",2060493,1,12,"English","en",105,"# Introduction\n## Problem: insecure code from coding LLMs\n## Mitigation approaches (training-, post-, and inference-time)\n## Need for simultaneous security and functionality\n## Alignment and task-vector arithmetic as motivation","[{\"question\":\"Why do coding LLMs produce functional but insecure code?\",\"answer\":\"They are trained on large internet code corpora without accounting for security vulnerabilities. As a result, AI coding assistants can generate exploitable weaknesses that undermine trust.\"},{\"question\":\"What limitation exists in prior work on secure code generation?\",\"answer\":\"Many approaches evaluate functionality and security separately using different datasets or focus on finding vulnerabilities after generation. This can miss the requirement that code be simultaneously secure and functional.\"},{\"question\":\"How does SecVecCoder use task vectors to improve trustworthy code generation?\",\"answer\":\"SecVecCoder applies task-vector arithmetic to adjust LLM weights toward desired behavior using minimal overhead. Across multiple coding LLMs on CodeGuard+, it raises trustworthy completion rates and maintains decoding latency close to the base model because it avoids method-specific decoding or post-generation adjustment.\"}]",1784194565,30,{"code":4,"msg":30,"data":31},"ok",{"site_id":24,"language":23,"slug":32,"title":13,"keywords":33,"description":14,"schema_data":34,"social_meta":86,"head_meta":88,"extra_data":90,"updated_unix":27},"functional-and-secure-code-generation-with-task-vectors","",{"@graph":35,"@context":85},[36,53,68],{"@type":37,"itemListElement":38},"BreadcrumbList",[39,43,47,50],{"item":40,"name":41,"@type":42,"position":20},"https://docshare.wps.com","Home","ListItem",{"item":44,"name":45,"@type":42,"position":46},"https://docshare.wps.com/document/","Document",2,{"item":48,"name":12,"@type":42,"position":49},"https://docshare.wps.com/document/research-report/",3,{"item":51,"name":13,"@type":42,"position":52},"https://docshare.wps.com/document/functional-and-secure-code-generation-with-task-vectors/84281/",4,{"url":51,"name":13,"@type":54,"author":55,"headline":13,"publisher":57,"fileFormat":60,"inLanguage":23,"description":14,"dateModified":61,"datePublished":62,"encodingFormat":60,"isAccessibleForFree":63,"interactionStatistic":64},"DigitalDocument",{"name":9,"@type":56},"Person",{"url":40,"name":58,"@type":59},"DocShare","Organization","application/pdf","2026-07-17","2026-07-16",true,{"@type":65,"interactionType":66,"userInteractionCount":20},"InteractionCounter",{"@type":67},"ViewAction",{"@type":69,"mainEntity":70},"FAQPage",[71,77,81],{"name":72,"@type":73,"acceptedAnswer":74},"Why do coding LLMs produce functional but insecure code?","Question",{"text":75,"@type":76},"They are trained on large internet code corpora without accounting for security vulnerabilities. As a result, AI coding assistants can generate exploitable weaknesses that undermine trust.","Answer",{"name":78,"@type":73,"acceptedAnswer":79},"What limitation exists in prior work on secure code generation?",{"text":80,"@type":76},"Many approaches evaluate functionality and security separately using different datasets or focus on finding vulnerabilities after generation. This can miss the requirement that code be simultaneously secure and functional.",{"name":82,"@type":73,"acceptedAnswer":83},"How does SecVecCoder use task vectors to improve trustworthy code generation?",{"text":84,"@type":76},"SecVecCoder applies task-vector arithmetic to adjust LLM weights toward desired behavior using minimal overhead. Across multiple coding LLMs on CodeGuard+, it raises trustworthy completion rates and maintains decoding latency close to the base model because it avoids method-specific decoding or post-generation adjustment.","https://schema.org",{"og:url":51,"og:type":87,"og:title":13,"og:site_name":58,"og:description":14},"article",{"robots":89,"canonical":51},"index,follow",{"doc_id":7,"site_id":24},{"code":4,"msg":5,"data":92},[93,97,101,105,110,115,120,122,127,130,134],{"id":20,"doc_module":4,"doc_module_name":45,"category_name":94,"show_sort_weight":95,"slug":96},"Story & Novel",90,"story-novel",{"id":46,"doc_module":4,"doc_module_name":45,"category_name":98,"show_sort_weight":99,"slug":100},"Literature",80,"literature",{"id":52,"doc_module":4,"doc_module_name":45,"category_name":102,"show_sort_weight":103,"slug":104},"Exam",70,"exam",{"id":106,"doc_module":4,"doc_module_name":45,"category_name":107,"show_sort_weight":108,"slug":109},5,"Comic",60,"comic",{"id":111,"doc_module":4,"doc_module_name":45,"category_name":112,"show_sort_weight":113,"slug":114},6,"Technology",50,"technology",{"id":116,"doc_module":4,"doc_module_name":45,"category_name":117,"show_sort_weight":118,"slug":119},7,"Healthcare",40,"healthcare",{"id":11,"doc_module":4,"doc_module_name":45,"category_name":12,"show_sort_weight":28,"slug":121},"research-report",{"id":123,"doc_module":4,"doc_module_name":45,"category_name":124,"show_sort_weight":125,"slug":126},9,"Religion & Spirituality",20,"religion-spirituality",{"id":125,"doc_module":4,"doc_module_name":45,"category_name":128,"show_sort_weight":125,"slug":129},"World Cup","world-cup",{"id":131,"doc_module":4,"doc_module_name":45,"category_name":132,"show_sort_weight":131,"slug":133},10,"Lifestyle","lifestyle",{"id":135,"doc_module":4,"doc_module_name":45,"category_name":136,"show_sort_weight":106,"slug":137},19,"General","general"]