This would be the way to go with the initial offering. Adding static code analysis + LLMs will help with reducing LLM usage and hallucinations and then adding a way to test out the policies to make sure that they are enough to run the code without being too broad will increase trust in the results.
This would be the way to go with the initial offering. Adding static code analysis + LLMs will help with reducing LLM usage and hallucinations and then adding a way to test out the policies to make sure that they are enough to run the code without being too broad will increase trust in the results.