Comment by naruhodo
4 hours ago
I don't agree, and I'd like to understand your point of view.
To me, asking if a function has something wrong with it is just a very basic code review - something that should happen with every function. A competent, security-conscious engineer would respond the same way as the model, unsurprisingly, since the model is... modelling competence.
Code review that finds problems in all code is useless.