Many developers rely on Large Language Models (LLMs) to facilitate software development. Nevertheless, these models have exhibited limited capabilities in the security domain. We introduce LLMSecGuard, a framework to offer enhanced code security through the synergy between static code analyzers and LLMs. LLMSecGuard is open source and aims to equip developers with code solutions that are more secure than the code initially generated by LLMs. This framework also has a benchmarking feature, aimed at providing insights into the evolving security attributes of these models.
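The abstract describes the framework's core idea only at a high level: an LLM generates code, a static analyzer examines it, and the analyzer's findings drive a more secure revision. The following is an added illustration of that analyzer-in-the-loop pattern, written for this page; it is not LLMSecGuard's own code, and the analyzer rules, the `Finding` type, the remediation prompt format, the `secure_with_feedback`/`benchmark` helpers and the scripted stand-in model are all assumptions made here. A real deployment would replace `analyze` with an industrial static analyzer and the stand-in model with a real LLM call.

```python
"""Added example (not the LLMSecGuard project's code): a minimal
analyzer-in-the-loop pipeline. A model produces code, a static
analyzer flags risky constructs, the findings are turned into a
remediation prompt, and the loop repeats until the analyzer is clean
or a round budget is exhausted. Rule set and prompt format are
this example's own assumptions."""
import ast
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Finding:
    rule: str
    line: int
    message: str


# Constructed rule set: call targets that commonly appear in generated
# Python and are worth a second look. Not LLMSecGuard's rules.
DANGEROUS_CALLS = {
    "eval": ("PY-EVAL", "eval() on untrusted input allows code execution"),
    "exec": ("PY-EXEC", "exec() on untrusted input allows code execution"),
    "os.system": ("PY-SHELL", "os.system() runs a shell command string"),
    "pickle.loads": ("PY-PICKLE", "pickle.loads() deserialises untrusted data"),
    "hashlib.md5": ("PY-WEAKHASH", "MD5 is not collision resistant"),
}


def _call_name(node: ast.Call) -> Optional[str]:
    """Return 'name' or 'module.attr' for a call target, else None."""
    f = node.func
    if isinstance(f, ast.Name):
        return f.id
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f"{f.value.id}.{f.attr}"
    return None


def analyze(source: str) -> List[Finding]:
    """Static-analysis step: parse the code and flag dangerous calls.
    Unparseable code is reported as a finding so the loop asks for a rewrite."""
    try:
        tree = ast.parse(source)
    except SyntaxError as e:
        return [Finding("PY-SYNTAX", e.lineno or 0, f"code does not parse: {e.msg}")]
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _call_name(node)
        if name in DANGEROUS_CALLS:
            rule, msg = DANGEROUS_CALLS[name]
            findings.append(Finding(rule, node.lineno, msg))
        # subprocess.* with shell=True is a keyword-based check, not a name match
        if name and name.startswith("subprocess.") and any(
            kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True
            for kw in node.keywords
        ):
            findings.append(Finding("PY-SHELL", node.lineno, "subprocess call with shell=True"))
    return sorted(findings, key=lambda f: (f.line, f.rule))


def remediation_prompt(source: str, findings: List[Finding]) -> str:
    """Turn analyzer output into the feedback handed back to the model."""
    items = "\n".join(f"- line {f.line} [{f.rule}]: {f.message}" for f in findings)
    return ("The static analyzer reported these issues in the code below. "
            "Return a corrected version that keeps the same behaviour.\n"
            f"{items}\n\n```python\n{source}\n```")


def secure_with_feedback(task: str, llm: Callable[[str], str],
                         max_rounds: int = 3) -> Tuple[str, List[Finding], int]:
    """Generate, analyze, feed back, repeat. Returns (code, open findings, rounds used)."""
    code = llm(task)
    findings = analyze(code)
    rounds = 0
    while findings and rounds < max_rounds:
        code = llm(remediation_prompt(code, findings))
        findings = analyze(code)
        rounds += 1
    return code, findings, rounds


def benchmark(samples: Dict[str, str]) -> Dict[str, int]:
    """Benchmarking step: number of open findings per generated sample."""
    return {name: len(analyze(src)) for name, src in samples.items()}


# Constructed stand-in for a model: first answer shells out via os.system,
# and only a prompt carrying analyzer feedback yields the argument-list form.
UNSAFE_SAMPLE = "import os\ndef run(d):\n    return os.system('ls ' + d)\n"
SAFE_SAMPLE = ("import subprocess\ndef run(d):\n"
               "    return subprocess.run(['ls', d], check=False).returncode\n")


def scripted_model(prompt: str) -> str:
    return SAFE_SAMPLE if "static analyzer" in prompt else UNSAFE_SAMPLE


if __name__ == "__main__":
    code, open_findings, rounds = secure_with_feedback("list a directory", scripted_model)
    print(f"rounds={rounds} open_findings={len(open_findings)}\n{code}")
    print(benchmark({"first": UNSAFE_SAMPLE, "revised": SAFE_SAMPLE}))
```

The analyzer here is a handful of AST matches, and the "model" is scripted, so the interesting part is the shape of the loop: the analyzer's verdict, not the model's own claim, decides when the code is accepted, and the same `analyze` function doubles as the scoring step of a benchmark over many generated samples.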