Although large language models possess knowledge of security vulnerabilities, they frequently introduce known flaws when generating production-grade code. This work identifies the root cause as a “format-reliability gap”: security-related representations emerge in early network layers but are suppressed in later layers due to a stronger preference for syntactic and formatting compliance. Through mechanistic analysis, the study pinpoints the specific layers where this suppression occurs and constructs dedicated steering vectors for each vulnerability type to enable precise intervention. Experiments across five models, three architectures, and six vulnerability categories demonstrate that the proposed method reduces vulnerability generation rates by up to 74% with negligible computational overhead.

Large language models write production code, and yet they routinely introduce well-known vulnerabilities. We show that this is not a knowledge deficit: the same models that generate insecure code, correctly identify and explain the vulnerability when asked directly, this is a gap we call the Format-Reliability Gap. Mechanistic analysis reveals the cause: security representations are encoded from the earliest layers but remain computationally inert until the final layer, where format-compliance demands compete with them. Because the failure is localized to a single layer, per-vulnerability steering vectors reduce insecure generation by up to 74% with negligible overhead. The mechanism and the fix generalize across five models, three architecture families, and six vulnerability types, suggesting insecure code generation is an interpretability problem, not a training artifact.