The security team reminds developers of a commonly overlooked IDE risk. Integrated development environments based on Visual Studio Code, including Cursor, VS Code, Antigravity, and TRAE, share a potential issue: the automatic task execution feature can become an entry point for malicious code.
Specifically, if you open a project directory containing malicious task configurations, the IDE will automatically trigger these tasks, causing malicious code to execute directly in your development environment. This poses a significant risk for developers who frequently switch projects or download code from the internet.
It is recommended to immediately check your IDE settings, locate the "Auto Run Tasks" or similar option, and disable it. This can effectively prevent passive triggering of malicious scripts when opening untrusted directories. Developers working with DeFi smart contracts or other sensitive code should pay particular attention to this. Spending a few seconds to disable this feature is far better than dealing with code leaks or wallet theft afterward.
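A pre-open check for the task configurations described above, as an added example that is not part of the original post or any IDE's own tooling. It assumes the auto-run trigger is VS Code's `runOptions.runOn: "folderOpen"` field in `.vscode/tasks.json`; the function names and the sample file are constructed for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

_STRING = r'"(?:\\.|[^"\\])*"'

def _strip(pattern, text):
    # Delete matches of `pattern`, but leave JSON string literals untouched.
    rx = re.compile(_STRING + "|" + pattern, re.S)
    return rx.sub(lambda m: m.group(0) if m.group(0).startswith('"') else "", text)

def load_jsonc(text):
    """tasks.json is JSON-with-comments: drop comments, then trailing commas."""
    text = _strip(r"//[^\n]*|/\*.*?\*/", text)
    return json.loads(_strip(r",(?=\s*[}\]])", text))

def auto_run_tasks(project_dir):
    """Return (file, label, command) for each task set to run on folder open."""
    root, findings = Path(project_dir), []
    for cfg in sorted(root.rglob(".vscode/tasks.json")):
        rel = cfg.relative_to(root).as_posix()
        try:
            tasks = load_jsonc(cfg.read_text(encoding="utf-8")).get("tasks") or []
        except (OSError, ValueError, AttributeError):
            findings.append((rel, "<unparseable: review by hand>", None))
            continue
        for task in tasks:
            opts = task.get("runOptions") if isinstance(task, dict) else None
            if (opts or {}).get("runOn") == "folderOpen":
                findings.append((rel, task.get("label", "<unlabelled>"), task.get("command")))
    return findings

# Constructed sample: one task that runs on folder open, one that does not.
SAMPLE = """{
  // constructed example, not taken from a real repository
  "version": "2.0.0",
  "tasks": [
    {"label": "prepare", "type": "shell", "runOptions": {"runOn": "folderOpen"},
     "command": "echo constructed // not a comment"},
    {"label": "build", "type": "shell", "command": "make",},
  ]
}"""

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / ".vscode").mkdir()
        (Path(tmp) / ".vscode" / "tasks.json").write_text(SAMPLE, encoding="utf-8")
        return auto_run_tasks(tmp)
```

Run `auto_run_tasks()` on a freshly cloned directory before opening it in the IDE. An empty result only covers `tasks.json` files and does not replace disabling the auto-run setting.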
MoodFollowsPrice
· 17h ago
Damn, the auto task feature in VS Code has long been something to turn off. Who the heck thought this thing could be exploited by hackers?
---
DeFi developers, pay attention. This time, it's really easy to mess up. Quickly check your IDE settings.
---
Oh my god, I never thought that opening a project folder could secretly execute code. This security vulnerability is truly outrageous.
---
Wait, I forgot to turn off the auto tasks feature. Thanks for the reminder. I almost got burned.
---
Why didn't anyone say this earlier? Isn't the lesson from wallet theft enough to be cautious?
---
Just turn it off, it's really not a hassle, but it can save your life.
---
These days, there are too many things to watch out for when developing. So annoying.
MidnightSnapHunter
· 20h ago
Wow, this vulnerability is really incredible. I was previously caught out by this exact issue—opened a GitHub project and directly executed a malicious script.
Shut it down immediately, don’t wait until your wallet is emptied and then regret it.
DeFi developers need to be extra cautious; these kinds of issues are hard to prevent entirely.
Hey, this should have been warned about long ago. Why are they only mentioning it now...
The key is that many people simply don’t know this feature exists. I know quite a few people around me who are unaware.
Just one click to disable, and it’s done. Why are so many people still hesitating?
governance_lurker
· 01-19 14:14
Damn, this vulnerability is really disgusting, executing directly locally? I need to check my Cursor immediately.
---
DeFi developers would probably break out in cold sweat seeing this, their wallets could be gone in an instant.
---
Just because of such an automatic execution feature? That's outrageous, no wonder I heard recently that someone got "contaminated" by a project.
---
By the way, how many people actually didn't notice this setting existed...
---
The key is those repos pulled randomly from GitHub, who still checks task configurations one by one?
---
That's why I hate IDE "smart" features that make decisions for you, turn them off, turn them off.
---
When it comes to security, really, developers need to be more careful, or they'll get screwed over every day.
LayerZeroHero
· 01-19 09:22
Wow, this thing is actually so dangerous. I casually pull code from GitHub every day... I need to turn off this feature immediately.
SatsStacking
· 01-18 03:53
Damn, VS Code's auto tasks are such a deep trap? Luckily I saw this warning, or I would have been caught into a project just by downloading it.
ForkThisDAO
· 01-18 03:53
Damn, this vulnerability is pretty scary. I haven't closed my Cursor yet...
---
DeFi developers need to pay attention to this. The wallet can really just disappear.
---
Someone should have spoken out about this earlier. Running malicious tasks secretly is just insane.
---
I was wondering why sometimes projects would mysteriously run some code when opened. Now I understand.
---
Close it, close it. It's just a two-minute fix. Do you really have to wait until you're robbed to regret it?
---
These days, you can't even trust your IDE. Developers really have it tough.
---
Huh? Several of my projects might be affected. I'm going to change the settings right now.
---
Why doesn't VSCode disable this feature by default? That's a bit ridiculous.
---
Friends working on contracts, spread this quickly. It's too important.
WalletManager
· 01-18 03:52
Hold on to your chips, but also hold on to your private keys, brother... This IDE vulnerability, to put it simply, is a common "improper permission configuration" in contract audits, and the risk level is extremely high. I've already turned this thing off a long time ago; after all, I've been analyzing on-chain for so many years and have seen too many wallets blow up due to automatic execution.
Degentleman
· 01-18 03:46
Whoa, I didn't notice this trap at all, better go close it quickly
---
Brothers over at DeFi, you need to check this out, it can really mess up your wallet
---
People who download unfamiliar code every day are finally going to learn their lesson
---
It's just a matter of a few seconds, not closing it is asking for trouble
---
Cursor users silently closing, feeling scared afterward
---
If this gets exploited, it would be so embarrassing. Quickly share it with your teammates
---
Why is this kind of risk so hidden... The IDE design is really clever
---
I was just saying that the recent inexplicable processes might be caused by this damn thing
PancakeFlippa
· 01-18 03:44
Damn, this thing really needs attention. It feels like many people haven't realized it yet.
---
Another VS Code pitfall. This feature should have been fixed long ago.
---
DeFi developers must see this. Having your wallet stolen is really upsetting.
---
Holy shit, if the contract code is executed like this... just thinking about it is terrifying.
---
Fortunately, I always run things manually. I've never enabled automatic execution.
---
That's why you should check others' project setups and look at the .vscode configuration first, or you'll easily fall into traps.
---
Now everything is automated, which has become the biggest security vulnerability.
---
No wonder some airdrop projects tend to fail; maybe it's because of issues like this.
DaoTherapy
· 01-18 03:31
Damn, this vulnerability is really sneaky. Automated task execution is completely unstoppable.
---
Damn, DeFi developers really need to shut this thing down quickly, or they'll lose everything.
---
This is outrageous. Opening a project and secretly running code, and such operations exist.
---
I quickly checked again. Luckily, I had already turned it off, but I guess many people have no idea about this.
---
A must-read for smart contract developers. It only takes a few seconds if you're serious. Don't be stubborn.
---
Oh my god, why didn't anyone mention this before? It's too dangerous to hang out in this circle.
---
Cursor users, it's time to wake up. Check your settings, everyone.