Rewards Hub Security firm SlowMist has issued a warning about potential security risks associated with automatic task execution in IDEs based on VS Code, including Cursor, VS Code, Antigravity, and TRAE. Users are advised to disable the "automatic task running" feature to prevent malicious code from being triggered when opening directories. To enhance security, SlowMist recommends setting 'task.allowAutomaticTasks' to 'off' in settings and enabling the Workspace Trust prompt in Cursor. This allows users to confirm risks when opening new projects, ensuring that even if a workspace is trusted, commands hidden in .vscode/tasks.json are not automatically executed.
Security Alert: Potential Risks in VS Code IDEs
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.