From ed15686147ace5d9c995bc3228db9c02605fbc71 Mon Sep 17 00:00:00 2001
From: Marcelo Ceccon <32395187+marceloceccon@users.noreply.github.com>
Date: Tue, 21 Apr 2026 13:42:11 -0300
Subject: [PATCH] Potential fix for code scanning alert no. 5: Use of
 externally-controlled format string

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 lib/consensus-engine.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/consensus-engine.ts b/lib/consensus-engine.ts
index 475986b..937bf7e 100644
--- a/lib/consensus-engine.ts
+++ b/lib/consensus-engine.ts
@@ -429,7 +429,9 @@ ${userPrompt}
     if (err instanceof DOMException && err.name === "AbortError") throw err;
     const msg = formatProviderError(err);
     console.error(
-      `[RoundTable] Judge error from ${resolved.providerName}/${resolved.modelId}:`,
+      "[RoundTable] Judge error from %s/%s:",
+      resolved.providerName,
+      resolved.modelId,
       err,
     );
     const tail = content.length === 0 ? `[Judge error: ${msg}]` : `\n\n[Judge error: ${msg}]`;