# Semantic Steering: How Codebase Naming Conventions Implicitly Guide LLM Agents > Coverage of lessw-blog **Published:** June 01, 2026 **Author:** PSEEDR Editorial **Category:** devtools **Tags:** LLM Agents, Semantic Steering, Code Generation, Cybersecurity, Prompt Engineering **Canonical URL:** https://pseedr.com/devtools/semantic-steering-how-codebase-naming-conventions-implicitly-guide-llm-agents --- A recent analysis highlights how minor semantic cues in function names, such as prefixing with 'secure\_', can dramatically alter the architectural decisions and security practices of LLM coding agents. In a recent post, lessw-blog discusses a fascinating phenomenon in the realm of artificial intelligence and software engineering: the outsized impact of simple naming conventions on the behavior of Large Language Model (LLM) coding agents. The analysis, titled [\[Linkpost\] Prefixing names with 'secure\_' makes agents write more secure code](https://www.lesswrong.com/posts/75MsWZ9P9ZoL7uZXx/linkpost-prefixing-names-with-secure_-makes-agents-write), explores how semantic steering acts as an implicit guide for automated code generation. As development teams increasingly integrate LLM agents into their workflows, understanding how these models interpret context is critical. Traditionally, developers rely on explicit system prompts, strict linters, or rigid instructions to enforce security standards, architectural patterns, and coding styles. However, this research reveals that agents are highly sensitive to the existing semantic environment of a codebase. A simple function name can act as a soft prompt, establishing a persistent conceptual framework that influences downstream logic, even when explicit instructions are entirely neutral. This dynamic is particularly relevant as organizations scale their use of autonomous coding assistants, where unintended drift or misinterpretation of context can introduce subtle vulnerabilities or architectural bloat. The core argument presented by lessw-blog is that prefixes like **secure\_**, **safe\_**, or **energetic\_** do more than just label functions; they fundamentally alter the agent's approach to problem-solving. For instance, when exposed to the **secure\_** prefix, agents autonomously implemented password fields and bcrypt hashing without any explicit authentication requirements in the prompt. They inferred a high-security context simply from the nomenclature. Similarly, the **safe\_** prefix seeded custom error-handling hierarchies and defensive programming techniques, while **energetic\_** resulted in asynchronous workers, concurrent processing, and heavy decorator usage. Furthermore, the agents adopted these conventions natively, dynamically propagating the prefixes to newly generated functions until reaching specific, yet-to-be-defined domain boundaries. While the study relies on a relatively small sample size of 54 tasks and leaves open questions regarding the specific LLM frameworks used, the implications for software engineering are significant. It underscores a powerful, non-obvious vector for steering agent behavior through codebase semantics. Conversely, it serves as a cautionary tale about the sensitivity of these models to minor contextual details, which could easily lead to unintended over-engineering or performance overhead if naming conventions are misapplied. To explore the full methodology, the exact nature of the domain boundaries, and the broader implications for AI-assisted development, [read the full post](https://www.lesswrong.com/posts/75MsWZ9P9ZoL7uZXx/linkpost-prefixing-names-with-secure_-makes-agents-write). ### Key Takeaways * Function name prefixes act as soft prompts that implicitly guide the behavioral style and architectural decisions of LLM coding agents. * Agents exposed to a secure\_ prefix autonomously implemented robust security measures, such as bcrypt hashing, without explicit prompt instructions. * Semantic prefixes propagate dynamically, with agents adopting and applying the established naming conventions to newly generated functions. * Different prefixes seed distinct patterns: safe\_ encourages custom error handling, while energetic\_ promotes asynchronous architectures. * The findings highlight a non-obvious vector for steering LLMs, though they also warn of potential unintended over-engineering due to contextual sensitivity. [Read the original post at lessw-blog](https://www.lesswrong.com/posts/75MsWZ9P9ZoL7uZXx/linkpost-prefixing-names-with-secure_-makes-agents-write) --- ## Sources - https://www.lesswrong.com/posts/75MsWZ9P9ZoL7uZXx/linkpost-prefixing-names-with-secure_-makes-agents-write