antgroup/adversarial-ai-coding-plugin
3 stars · Last commit 2026-04-27
Adversarial AI Coding: Self-Play Sparring, Offense Meets Defense — Making AI Write Secure Code
README preview
<p align="center">
  <h1 align="center">Adversarial AI Coding Plugin</h1>
  <p align="center"><b>Self-Play Sparring, Offense Meets Defense — Making AI Write Secure Code</b></p>
</p>
<p align="center">
  <a href="#benchmark-results">Benchmark</a> |
  <a href="#quick-start">Quick Start</a> |
  <a href="#roadmap">Roadmap</a>
</p>

---

## The Problem: The Security Paradox of SOTA LLMs

LLMs are generating production code at an unprecedented pace, but that code harbors significant security risks. Published benchmarks show that even state-of-the-art commercial models **produce vulnerable code up to 48.2% of the time, with top-tier models ranging from 37% to 95.6%** (Source: AutoBaxBench, Dec 2025).

Paradoxically, these same SOTA LLMs excel at vulnerability discovery: Claude Opus 4.6 has uncovered hundreds of security vulnerabilities in open-source projects and even independently developed a full exploit chain for a FreeBSD kernel remote code execution vulnerability.

**Root cause:** When generating code, the LLM's optimization target is *functional correctness*, not *security*. Security is merely an implicit constraint that is easily diluted under pressure to produce working code.
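
To make that gap concrete, here is a minimal, hypothetical sketch (not taken from this plugin or any benchmark): two Python functions that satisfy the same functional requirement, yet only the second resists SQL injection. A model optimizing purely for "the query returns the right rows" can produce either one.

```python
import sqlite3

def find_user_vulnerable(conn: sqlite3.Connection, username: str):
    # Functionally correct for benign input, but user data is spliced into
    # the SQL text, so username = "' OR '1'='1" dumps every row.
    query = f"SELECT id, email FROM users WHERE name = '{username}'"
    return conn.execute(query).fetchall()

def find_user_secure(conn: sqlite3.Connection, username: str):
    # Same behavior on benign input; the parameterized placeholder keeps
    # user data out of the SQL statement entirely.
    return conn.execute(
        "SELECT id, email FROM users WHERE name = ?", (username,)
    ).fetchall()
```

Both pass a naive functional test, which is exactly why security has to be an explicit optimization target rather than an implicit constraint.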