Enhancing Trustworthiness in LLM-Generated Code: A Reinforcement Learning and Domain-Knowledge Constrained Approach

Abstract

Imagine analyzing a piece of code that uses the function ConnectToServer() withan encrypted string as its argument. A large language model (LLM), trained onextensive programming data, might flag the use of encryption as suspicious andgenerate an explanation suggesting that the function likely connects to a maliciousserver. While this explanation might seem plausible, it can often be unfaithful—itovergeneralizes based on statistical patterns from its training data without trulyunderstanding the context or validating its claims [8]. A REACT (Reasoning andActing) framework, which combines reasoning with action steps, is likely a betterapproach because it allows the LLM to propose actions—such as decrypting the stringor examining server connections—while reasoning about the results [7]. However,REACT still lacks a feedback mechanism to evaluate the effectiveness of thoseactions or iteratively refine the sequence based on empirical observations. Without such feedback, it risks falling short in dynamic scenarios, where the validation of predictions and adaptation to new evidence are critical [10].