Disagreement · 5a1afff9-openai-0

Safety comment claims hard-fail without API key, but script exits 0 (misleading docs and can hide failures)

mismatch

repo 6f7fc663·PR #33·reviewed 1 week ago

Primary finding

Safety comment claims hard-fail without API key, but script exits 0 (misleading docs and can hide failures)

mediumdocs-gaphigh

scripts/postprocess-admanage-create.sh:17-21
scripts/postprocess-admanage-create.sh:45-50

The comment promises a hard-fail, which typically means non-zero exit. The implemented behavior warns, notifies, and exits 0. In automated workflows, this can mask a real block and cause subsequent steps to proceed incorrectly.

Recommendation

Either: (a) change exit 0 to a non-zero exit (e.g., exit 1) to hard-fail, or (b) update the Safety comment to accurately describe the behavior (warns and exits successfully). Prefer (a) for CI safety.

Counterpart finding

Empty CAMPAIGN_FILES/ADSET_FILES skip is bypassed when only one subdir is missing, causing 'unbound variable' under set -u

lowbugmedium

scripts/postprocess-admanage-create.sh:40-48

shopt -s nullglob makes missing globs expand to empty, so this is handled. However if CREATES_DIR exists but neither campaigns/ nor adsets/ subdirectory exists, the early-exit at line 47 will fire correctly. Low-impact.

Recommendation

No change required; noting for completeness.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗