AntFleet

Disagreement · 70f6bb2c-openai-2

Unhandled missing OPTIN_HMAC_SECRET causes 500 instead of a friendly error

solo GPT-5
repo e24ef98c · PR #9 · reviewed 1 week ago

GPT-5 finding

Unhandled missing OPTIN_HMAC_SECRET causes 500 instead of a friendly error

low · maintainability · high
  • apps/web/lib/optin-token.ts
  • apps/web/app/api/opt-in/route.ts
If OPTIN_HMAC_SECRET is unset in the environment, verifyTokenDetailed() will throw inside getSecret(). The route does not catch this, yielding a 500 without a clear user-facing explanation. While this is a deploy misconfiguration, it’s better to fail with a controlled HTML response and a clear log.

Recommendation

Wrap token verification in try/catch. On error, log and return htmlResponse(500, errorPage("Server misconfigured", "...")), or validate presence of OPTIN_HMAC_SECRET at process startup to fail fast with a clear error.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.