Prompting Instability: An Empirical Study of LLM Robustness in Code Vulnerability Detection
摘要
Large Language Models (LLMs) are increasingly adopted in software engineering and cybersecurity tasks, such as vulnerability detection. In real-world use, humans often phrase prompts in different ways even when conveying the same intent. However, LLMs have been observed to produce inconsistent outputs in response to semantically equivalent paraphrased prompts, even for simple binary (yes/no) questions. This variability poses significant challenges to their reliability, eroding developer trust and compromising reproducibility in both research and real-world use cases. Addressing this issue is essential to ensure that LLMs can consistently support security-critical workflows. In this study, we conduct a large-scale empirical analysis of six prominent LLMs—spanning general-purpose and code-specialized models—on 48 hand-crafted code scenarios derived from the MITRE Top 25 Most Dangerous Software Weaknesses. Each scenario is evaluated across 17 distinct prompt structures and 20 paraphrased variations per structure to systematically measure the impact of linguistic reformulation on response stability. Our findings reveal that: (1) paraphrased prompts introduce much higher variability than repeated identical prompts, even under deterministic settings; (2) coding-specific models exhibit greater sensitivity to paraphrased prompts compared to general-purpose LLMs; and (3) task-level factors such as code complexity, length, and vulnerability type influence stability. The findings point to a critical need for more resilient prompting approaches and further model refinement to increase LLM robustness.