The security team reminds developers to be aware of a commonly overlooked IDE risk. Integrated development environments based on Visual Studio Code, including Cursor, VS Code, Antigravity, and TRAE, all have a potential issue: the automatic task execution feature could become a breach point for malicious code.



Specifically, if you open a project directory containing malicious task configurations, the IDE will automatically trigger these tasks, causing malicious code to execute directly in your development environment. This poses a significant risk for developers who frequently switch projects or download code from the internet.

It is recommended to immediately check your IDE settings, locate the "Auto Run Tasks" or similar option, and disable it. This can effectively prevent passive triggering of malicious scripts when opening untrusted directories. Developers working with DeFi smart contracts or other sensitive code should pay particular attention to this. Spending a few seconds to disable this feature is far better than dealing with code leaks or wallet theft afterward.
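A pre-open check for the risk described in the post above, as an added example that is not part of the original post or of any IDE's own code: it reads a project's `.vscode/tasks.json` and lists every task marked to run when the folder opens (`runOptions.runOn` set to `folderOpen`, the VS Code task option for this). The function names and the sample file are constructed for illustration, and only that one file is checked.

```python
import json
import re
import tempfile
from pathlib import Path

_STR = r'"(?:\\.|[^"\\])*"'  # a JSON string literal, passed through untouched

def strip_jsonc(text):
    """tasks.json allows comments and trailing commas; remove both outside strings."""
    keep_str = lambda m, repl: m.group(0) if m.group(0)[0] == '"' else repl(m)
    text = re.sub(_STR + r"|//[^\n]*|/\*.*?\*/",
                  lambda m: keep_str(m, lambda _: ""), text, flags=re.S)
    return re.sub(_STR + r"|,(\s*[}\]])",
                  lambda m: keep_str(m, lambda x: x.group(1)), text)

def auto_run_tasks(project_dir):
    """Return (label, command) for each task that runs on folder open."""
    path = Path(project_dir) / ".vscode" / "tasks.json"
    if not path.is_file():
        return []
    try:
        config = json.loads(strip_jsonc(path.read_text(encoding="utf-8")))
    except json.JSONDecodeError:
        # Fail closed: a file we cannot parse needs a manual look.
        return [("<unparsable tasks.json>", "review manually")]
    tasks = config.get("tasks", []) if isinstance(config, dict) else []
    hits = []
    for task in tasks:
        if isinstance(task, dict) and (task.get("runOptions") or {}).get("runOn") == "folderOpen":
            hits.append((task.get("label", "<unlabelled>"), str(task.get("command", ""))))
    return hits

# Constructed sample, not taken from a real project.
SAMPLE = r'''{
  // comment and trailing commas are legal in tasks.json
  "version": "2.0.0",
  "tasks": [
    {"label": "build", "type": "shell", "command": "make"},
    {"label": "setup", "type": "shell",
     "command": "echo constructed-sample # see http://example.invalid",
     "runOptions": {"runOn": "folderOpen"},
    },
  ]
}'''

def demo():
    """Write SAMPLE into a temporary project directory and scan it."""
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / ".vscode").mkdir()
        (Path(d) / ".vscode" / "tasks.json").write_text(SAMPLE, encoding="utf-8")
        return auto_run_tasks(d)

if __name__ == "__main__":
    print(demo())
```

Run it against a freshly cloned directory before opening it in the IDE; an empty list means no folder-open task was found in that file.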
SatsStackingvip
· 2h ago
Damn, VS Code's auto tasks are such a deep trap? Luckily I saw this warning, or I would have been caught into a project just by downloading it.
ForkThisDAOvip
· 2h ago
Damn, this vulnerability is pretty scary. I haven't closed my Cursor yet... --- DeFi developers need to pay attention to this. The wallet can really just disappear. --- Someone should have spoken out about this earlier. Running malicious tasks secretly is just insane. --- I was wondering why sometimes projects would mysteriously run some code when opened. Now I understand. --- Close it, close it. It's just a two-minute fix. Do you really have to wait until you're robbed to regret it? --- These days, you can't even trust your IDE. Developers really have it tough. --- Huh? Several of my projects might be affected. I'm going to change the settings right now. --- Why doesn't VSCode disable this feature by default? That's a bit ridiculous. --- Friends working on contracts, spread this quickly. It's too important.
WalletManagervip
· 2h ago
Hold on to your chips, but also hold on to your private keys, brother... This IDE vulnerability, to put it simply, is a common "improper permission configuration" in contract audits, and the risk level is extremely high. I've already turned this thing off a long time ago; after all, I've been analyzing on-chain for so many years and have seen too many wallets blow up due to automatic execution.
Degentlemanvip
· 2h ago
Whoa, I didn't notice this trap at all, better go close it quickly --- Brothers over at DeFi, you need to check this out, it can really mess up your wallet --- People who download unfamiliar code every day are finally going to learn their lesson --- It's just a matter of a few seconds, not closing it is asking for trouble --- Cursor users silently closing, feeling scared afterward --- If this gets exploited, it would be so embarrassing. Quickly share it with your teammates --- Why is this kind of risk so hidden... The IDE design is really clever --- I was just saying that the recent inexplicable processes might be caused by this damn thing
PancakeFlippavip
· 2h ago
Damn, this thing really needs attention. It feels like many people haven't realized it yet. --- Another VS Code pitfall. This feature should have been fixed long ago. --- DeFi developers must see this. Having your wallet stolen is really upsetting. --- Holy shit, if the contract code is executed like this... just thinking about it is terrifying. --- Fortunately, I always run things manually. I've never enabled automatic execution. --- That's why you should check others' project setups and look at the .vscode configuration first, or you'll easily fall into traps. --- Now everything is automated, which has become the biggest security vulnerability. --- No wonder some airdrop projects tend to fail; maybe it's because of issues like this.
DaoTherapyvip
· 3h ago
Damn, this vulnerability is really sneaky. Automated task execution is completely unstoppable. --- Damn, DeFi developers really need to shut this thing down quickly, or they'll lose everything. --- This is outrageous. Opening a project and secretly running code, and such operations exist. --- I quickly checked again. Luckily, I had already turned it off, but I guess many people have no idea about this. --- A must-read for smart contract developers. It only takes a few seconds if you're serious. Don't be stubborn. --- Oh my god, why didn't anyone mention this before? It's too dangerous to hang out in this circle. --- Cursor users, it's time to wake up. Check your settings, everyone.