Advanced Code Review #security #SQL-injection #credentials

Security Review Comments

2 exercises — how to flag security vulnerabilities in code reviews with the right severity, specifics, and remediation guidance.

0 / 2 completed
1 / 2
You spot hardcoded credentials in a PR:
const API_KEY = "sk-live-abc123xyz";

Which security review comment is best?