A Framework for Safety Analysis of LLM-Generated Code in Multi-Agent Systems

Main Article Content

David Armenovich Avagian
Karine Arsenovna Ayrapetyants

Abstract

Large language models (LLMs) are increasingly being used for code generation. Yet, both the generated code and the underlying LLM-based systems demand rigorous security evaluation. A common approach to enhancing code generation quality involves multi-agent systems composed of multiple models. This paper evaluates the performance of GPT-OSS 20B, GPT-OSS 120B, and Qwen3-Coder 480B models in single-agent and multi-agent configurations, using two code security benchmarks, SecurityEval and CyberSecEval. The key contribution is SafeAICoder, an extensible and scalable framework for testing LLMs enabling distributed server-side generation of multi-module programs and tests, independent of client-side code.

Article Details

How to Cite
Avagian, D. A., and K. A. Ayrapetyants. “A Framework for Safety Analysis of LLM-Generated Code in Multi-Agent Systems”. Russian Digital Libraries Journal, vol. 29, no. 4, July 2026, pp. 1082-17, doi:10.26907/1562-5419-2026-29-4-1082-1117.

References

1. Hou X., Zhao Y., Liu Y. et al. Large Language Models for Software Engineering: A Systematic Literature Review // arXiv preprint. 2013. arXiv:2308.10620.
2. Ma L., Liu S., Li Y. et al. SpecGen: Automated Generation of Formal Program Specifications via Large Language Models // arXiv preprint. 2024.
arXiv:2401.08807.
3. Mandal S. et al. Large Language Models Based Automatic Synthesis of Software Specifications // arXiv preprint. 2023. arXiv:2304.09181.
4. Cassano F., Gouwar J., Nguyen D. et al. MultiPL-E: A Scalable and Polyglot Approach to Benchmarking Neural Code Generation // IEEE Transactions on Software Engineering. 2023. Vol. 49, No. 7. P. 3675–3691.
5. Chen F., Fard F. H., Lo D., Bryksin T. On the Transferability of Pre-trained Language Models for Low-resource Programming Languages // IEEE/ACM 30th International Conference on Program Comprehension (ICPC). 2022. P. 401–412.
6. Fan G., Chen S., Gao C. et al. Rapid: Zero-shot Domain Adaptation for Code Search with Pre-trained Models // ACM Transactions on Software Engineering and Methodology. 2024. Vol. 33, No. 5. P. 1–35.
7. Schäfer M., Nadi S., Eghbali A., Tip F. An Empirical Evaluation of Using Large Language Models for Automated Unit Test Generation // IEEE Transactions on Software Engineering. 2023. Vol. 50, No. 1. P. 85–105.
8. Nappa A., Johnson R., Bilge L. et al. The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching // IEEE symposium on security and privacy. 2015. P. 692–708.
9. Ardito L., Coppola R., Barbato L., Verga D. A Tool-Based Perspective on Software Code Maintainability Metrics: A Systematic Literature Review // Scientific Programming 2020. P. 1–26.
10. Buse R. P. L., Weimer W. R. Learning a Metric for Code Reliability // IEEE Transactions on Software Engineering. 2010. Vol. 36, No. 4. P. 546–558.
11. Peitek N., Apel S., Parmin C. et al. Program Comprehension and Code Complexity Metrics: An fMRI Study // IEEE/ACM 43rd International Conference on Software Engineering (ICSE). 2021. P. 524–536.
12. Markovtsev V., Long W., Mougard H. et al. STYLE-ANALYZER: fixing code style inconsistencies with interpretable unsupervised algorithms // IEEE/ACM 16th International Conference on Mining Software Repositories (MSR). 2019. P. 468–478.
13. Raemaekers S., Van Deursen A., Visser J. Measuring software library stability through historical version analysis // 28th IEEE International Conference on Software Maintenance (ICSM). 2012. P. 378–387.
14. Common Weakness Enumeration. URL: https://cwe.mitre.org (accessed: 30.03.2026).
15. Open Web Application Security Project. URL: https://owasp.org (accessed: 30.03.2026).
16. SAST Bandit documentation. URL: https://bandit.readthedocs.io/en/latest (accessed: 30.03.2026).
17. SAST Semgrep documentation. URL: https://semgrep.dev/docs (accessed: 30.03.2026).
18. SAST CodeQL documentation. URL: https://codeql.github.com/docs (accessed: 30.03.2026).
19. SAST Bearer documentation. URL: https://docs.bearer.com (accessed: 30.03.2026).
20. SAST Snyk documentation. URL: https://docs.snyk.io (accessed: 30.03.2026).
21. Chen M., Tworek J., Jun H. et al. Evaluating Large Language Models Trained on Code // arXiv preprint. 2021. arXiv:2107.03374.
22. Inala J.P., Wang C., Yang M. et al. Fault-Aware Neural Code Rankers // arXiv preprint. 2022. arXiv:2206.03865.
23. Lu S. et al. CodeXGLUE: A Machine Learning Benchmark Dataset for Code Understanding and Generation // arXiv preprint. 2021. arXiv:2102.04664.
24. Valentin T., Madadi A., Sapia G., Böhme M. Incoherence as Oracle-less Measure of Error in LLM-Based Code Generation // arXiv preprint. 2025. arXiv:2507.00057.
25. Spiess C., Gros D., Pai K. S. et al. Calibration and Correctness of Language Models for Code // arXiv preprint. 2024. arXiv:2402.02047.
26. Siddiq M.L., da Silva Santos J.C., Devareddy S., Muller A. Sallm: Security assessment of generated code // Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops. 2024. P. 54–65.
27. Siddiq M.L., da Silva Santos J.C. SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques // Proceedings of the 1st International Workshop on Mining Software Repositories Applications for Privacy and Security (MSR4P&S22). 2022.
28. SAST SonarQube documentation. URL: https://docs.sonarsource.com (accessed: 30.03.2026).
29. Austin J., Odena A., Nye M. et al. Program Synthesis with Large Language Models // arXiv preprint. 2021. arXiv:2108.07732.
30. Bhatt M. et al. Purple Llama CyberSecEval: A Secure Coding Benchmark for Language Models // arXiv preprint. 2023. arXiv:2312.04724.
31. MITRE ATT&CK knowledge base. URL: https://attack.mitre.org (дата обращения: 30.03.2026).
32. Abdelaziz I. et al. Granite-Function Calling Model: Introducing Function Calling Abilities via Multi-task Learning of Granular Tasks // Proceedings of the 2024 Conference on Empirical Methods in Natural Language Processing: Industry Track. 2024. P. 1131–1139.
33. Agarwal S. et al. gpt-oss-120b & gpt-oss-20b Model Card // arXiv preprint. 2025. arXiv:2508.10925.
34. Yang An et al. Qwen3 Technical Report // arXiv preprint. 2025.
arXiv:2505.09388.
35. Huynh N., Lin B. Large Language Models for Code Generation: A Comprehensive Survey of Challenges, Techniques, Evaluation, and Applications // arXiv preprint. 2025. arXiv:2503.01245.
36. Fakhoury S. et al. LLM-based Test-driven Interactive Code Generation: User Study and Empirical Evaluation // IEEE Transactions on Software Engineering. 2024. Vol. 50, No. 9. P. 2254–2268.
37. He X. et al. CoCoST: Automatic Complex Code Generation with Online Searching and Correctness Testing // Proceedings of the 2024 Conference on Empirical Methods in Natural Language Processing. 2024. P. 19433–19451.
38. Liu M. et al. An Empirical Study of the Code Generation of Safety-Critical Software Using LLMs // Applied Sciences. 2024. Vol. 14, No. 3. P. 1046.
39. Wang C., Zhang J., Feng Y., Li T. Teaching Code LLMs to Use Autocompletion Tools in Repository-Level Code Generation // ACM Transactions on Software Engineering and Methodology. 2025. Vol. 34, No. 7. P. 1–27.
40. Dong Y. et al. A Survey on Code Generation with LLM-based Agents // arXiv preprint. 2025. arXiv:2508.00083.
41. Nunez A. et al. AutoSafeCoder: A Multi-Agent Framework for Securing LLM Code Generation through Static Analysis and Fuzz Testing // arXiv preprint. 2024. arXiv:2409.10737.
42. Islam N.T. et al. Enhancing Source Code Security with LLMs: Demystifying The Challenges and Generating Reliable Repairs // arXiv preprint. 2024. 2409.00571.
43. Ishibashi Y., Nishimura Y. Self-Organized Agents: A LLM Multi-Agent Framework toward Ultra Large-Scale Code Generation and Optimization // arXiv preprint. 2024. 2404.02183.
44. Pan R., Zhang H., Liu C. CodeCoR: An LLM-Based Self-Reflective Multi-Agent Framework for Code Generation // arXiv preprint. 2025. arXiv:2501.07811.
45. Holt S., Luyten M.R., van der Schaar M. L2MAC: Large Language Model Automatic Computer for Extensive Code Generation // arXiv preprint. 2023. 2310.02003.
46. GitHub repository for SafeAICoder framework. URL: https://github.com/KarineAyrs/saicoder (accessed: 30.03.2026).
47. Ollama documentation. URL: https://docs.ollama.com (accessed: 30.03.2026).
48. Merkel D. Docker: lightweight linux containers for consistent development and deployment // Linux journal. 2014. No. 239. P. 2.
49. Docker Compose tool documentation. URL: https://docs.docker.com/reference/cli/docker/compose (accessed: 30.03.2026).
50. Official Ollama client Docker image on Docker Hub. URL: https://hub.docker.com/r/ollama/ollama (accessed: 30.03.2026).
51. Blakeman A. et al. Nemotron 3 Nano: Open, Efficient Mixture-of-Experts Hybrid Mamba-Transformer Model for Agentic Reasoning // arXiv preprint. 2025. arXiv:2512.20848.
52. Devstral 2 123B Instruct 2512 model card on HuggingFace. URL: https://huggingface.co/mistralai/Devstral-2-123B-Instruct-2512 (accessed: 30.03.2026).