issues Search Results · language:Dune language:JavaScript language:Python language:JavaScript language:Java
Filter by
55.4M results
📌 이슈 내용
내가 등록한 프로젝트, 지원한 프로젝트, 북마크한 프로젝트를 각각 조회하는 API를 구현합니다.
✅ 작업 목록
- [ ] GET /users/me/projects - 내가 등록한 프로젝트 목록 조회
- [ ] GET /users/me/applications - 내가 지원한 프로젝트 목록 조회
- [ ] GET /users/me/bookmarks ...
enhancement
lclee0520
Is your feature request related to a problem? Please describe. The fold-out is becoming too cluttered with features.
Describe the solution you d like Better show a modal or a full page with all option ...
nkueng
Scope-Split: vanilla-rework code needs to leave ER (deferred)
Date opened: 2026-06-27 Last updated: 2026-06-27 Reason: Architecture decision — ER is vanilla-balanced addons only,
vanilla reworks live ...
Piggidragon
🟠 HIGH — Vector Store No Encryption: vector store VaultNote Vector Store persists embeddings without encryption at rest
| Field | Value |
| --- | --- |
| Adjusted Score | 7.5/10 |
| Category | ai-ml-vector-store-no-encryption ...
security
severity: high
threagile:ai-ml-vector-store-no-encryptio-dd8006f4
threat-model
github-actions[bot]
🟠 HIGH — RAG No Retrieval Filtering: RAG pipeline Note RAG Pipeline injects retrieved documents without access-level filtering, enabling unauthorized disclosure
| Field | Value |
| --- | --- |
| Adjusted ...
security
severity: high
threagile:ai-ml-rag-no-retrieval-filterin-e1f2e0e1
threat-model
🟠 HIGH — Prompt Injection via RAG: RAG pipeline Note RAG Pipeline lacks input validation enabling prompt injection through retrieved context
| Field | Value |
| --- | --- |
| Adjusted Score | 7.5/10 | ...
security
severity: high
threagile:ai-ml-prompt-injection-rag-cont-b9f2ed6c
threat-model
🟠 HIGH — LLM API Key Hardcoded Risk: LLM endpoint LLM Note Summarizer has custom code without a secrets manager, risking hardcoded credentials
| Field | Value |
| --- | --- |
| Adjusted Score | 7.5/10 ...
security
severity: high
threagile:ai-ml-llm-api-key-hardcoded@llm-b358425a
threat-model
Pre-submission checklist
- [x] I have confirmed this improves existing behavior — it does not add a new command, workflow, or concept
- [x] I have searched existing issues and this enhancement has ...
approved-enhancement
enhancement
trek-e
🟠 HIGH — Inference Logs PII: LLM endpoint LLM Note Summarizer processes PII without log sanitization, creating uncontrolled PII copies in logs
| Field | Value |
| --- | --- |
| Adjusted Score | 7.25/10 ...
security
severity: high
threagile:ai-ml-inference-logs-pii@llm-summarizer
threat-model
🟠 HIGH — Inference Endpoint No Rate Limiting: LLM endpoint LLM Note Summarizer has no rate limiting, enabling prompt flooding and cost amplification
| Field | Value |
| --- | --- |
| Adjusted Score | ...
security
severity: high
threagile:ai-ml-inference-endpoint-no-rat-68c8e2cb
threat-model
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.