This paper describes finding security related concepts and using them to steer at generation time. While this is an interesting contribution on its own, the approach could also be applied to a range of other concerns -- e.g. can we use this to steer away from performance problems? can we make llm code generation anticipate maintainability or readability issues?