You just scrolled to this post and were about to swipe past it, but you also worried you would miss the one point that actually changes your next decision.

The easiest thing to get wrong is Incident CVE-2026-LGTM; the cost is usually that, if you only watch the surface noise, you spend time, budget and attention in the wrong direction. My conservative judgment first: the real hole is treating LGTM as a security conclusion.

The easiest mistake is to read it as another scary AI security headline. That is how you burn time, budget, and attention in the wrong place. My conservative read is simple: the real hole is treating LGTM, the usual "looks good to me" approval, as a security conclusion.

What changed my mind was arXiv:2606.09935. It reproduced 11 attack classes in GitHub workflows and argued that the bigger weakness was not one bad model call, but how CI/CD, the automation that runs builds, handled credentials and configuration.

Then arXiv:2603.18740 showed how easily review can be framed. When a change was packaged as "no bug," the review got biased; in that setup, iterative context injection reached 100% success until reviewers stripped metadata and used explicit instructions.

That is why LGTM becomes dangerous in AI-assisted review: untrusted pull request text, issue text, or config can arrive wearing the label "already reviewed." An update is worth reading not because of how many features it lists, but because it changes your next decision. Mine changed: never let LGTM be the control.

Boundary: this point comes from two June 2026 papers on GitHub-style AI review workflows, not from a vendor postmortem and not as a claim that all human review is broken. If AI sits anywhere in your review path, share this with whoever owns approval gates and ask one question: what gate must exist before LGTM can trigger merge, secrets access, or CI execution?
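An added example, not from the post or from either paper, that puts the gate question in GitHub Actions terms: a weak workflow in which the string "LGTM" in any comment triggers a merge with a write-scoped token, beside a hardened one in which only a maintainer's formal approval can, with the real gate (required approving reviews and CODEOWNERS) living in branch protection outside the file. Workflow names and job layout are assumptions.

```yaml
# WEAK: a comment string is the control. Any account that can comment on the
# PR, and any untrusted text that lands in a comment, can flip the gate.
name: auto-merge-on-lgtm
on:
  issue_comment:
    types: [created]
permissions:
  contents: write          # write token granted to every run of this workflow
  pull-requests: write
jobs:
  merge:
    if: github.event.issue.pull_request && contains(github.event.comment.body, 'LGTM')
    runs-on: ubuntu-latest
    steps:
      - run: gh pr merge "$PR" --squash
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
          PR: ${{ github.event.issue.number }}
---
# HARDENED: the gate is a formal approving review from an OWNER or MEMBER,
# not text. Default permissions are read-only; the write token exists only in
# the one job that already passed the check, and branch protection (required
# approving reviews + CODEOWNERS, set in repository settings) still applies.
name: merge-on-maintainer-approval
on:
  pull_request_review:
    types: [submitted]
permissions:
  contents: read
jobs:
  merge:
    if: >-
      github.event.review.state == 'approved' &&
      contains(fromJSON('["OWNER","MEMBER"]'), github.event.review.author_association)
    permissions:
      contents: write      # elevated here only, after the condition above
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - run: gh pr merge "$PR" --squash
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
          PR: ${{ github.event.pull_request.number }}
```

The `---` separates two illustrative files; in a repository each goes in its own `.github/workflows/*.yml`. Note that even the hardened file is not itself the control: a reviewer could still be framed by the PR text, so the approval it waits for must come from a human or system that reads the change, not its label.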

What really deserves discussion: Incident CVE-2026-LGTM