False Positive names triggering vector search #462
Assignees
Labels
Comments
|
@lukehinds / @ptelang to re-test to see if still valid |
|
I tested and got the following: 
|
|
Note in this case, Codegate doesn't know the programming language. Codegate's semantic search finds npm/vscode as a malicious package and adds it to the prompt context. Now, LLM fails to distinguish between "editor" and "package" and responds back with codegate detected vscode as malicious package. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the issue
While working on Cline support I noted that they often use the word 'vscode' in their prompts , referring to the IDE. This matches the following package and gets raised in CodeGate
https://www.insight.stacklok.com/report/npm/vscode
Steps to Reproduce
Create a prompt containing the word vscode , or any package name on the malicious / deprecated list used out of context of a package
Operating System
MacOS (Arm)
IDE and Version
Version: 1.96.2 (Universal) Commit: fabdb6a30b49f79a7aba0f2ad9df9b399473380f
Extension and Version
v3.0.8
Provider
Ollama
Model
v3.0.8
Logs
No response
Additional Context
No response
The text was updated successfully, but these errors were encountered: