It seems redundant as well, if it were complementary, like LLM reviewing code or code verifying LLM, then that's defense in depth.

But LLM reviewing LLM? I think if the review LLM catches it, then the executing LLM would refuse to run it, and if the prompt fools the executing LLM, it will probably fool the reviewing LLM.

Also it looks very silly? Like I know it sounds like a joke, but optics matter, imagine you are getting paid a salary in tender money to feed your family, would you really want to get caught with this anywhere in the chain at all? Regardless of whether it contributed to the vuln, or just failed to catch it, will you defend your role in a company with this? Unless you are deep into the AI is a god/gold mine, it sounds like buffoonery.