Disagreement · be39e8a7-anthropic-3

seed-outgoing-pr.ts mis-parses negative or non-numeric PR numbers via parseInt's permissive behavior

solo Opus

repo e24ef98c·PR #10·reviewed 1 week ago

Opus finding

seed-outgoing-pr.ts mis-parses negative or non-numeric PR numbers via parseInt's permissive behavior

lowapi-contracthigh

apps/web/scripts/seed-outgoing-pr.ts:35-50

Number.parseInt('3abc',10) returns 3 silently, so `seed-outgoing-pr.ts 3abc` would seed PR #3 with no warning. For an admin-only seed script with operator review, this is low-severity but still a footgun for an unattended replay.

Recommendation

Validate `/^\d+$/.test(prNumberStr)` or use Number() with explicit isNaN check.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗