Motivation: Technical debt is a metaphor for not-quite-right code introduced to meet short-term needs. Developers are aware of such code and admit it in source code comments, which is called Self-Admitted Technical Debt (SATD). SATD therefore points to weak code that developers already know about. Problem statement: Inspecting source code by hand is time-consuming; automatically inspecting source code for vulnerabilities is a crucial part of developing software, because it shortens that process and lets practitioners focus on the vulnerable parts of the code. Proposal: Accurately identify and better understand the semantics of self-admitted technical debt (SATD) by leveraging NLP and NL-PL (natural language to programming language) approaches to detect vulnerabilities and the SATD related to them. Finally, a CI/CD pipeline will be proposed to make the vulnerability discovery process easily accessible to practitioners.
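As an added illustration of the idea in the abstract (not code from the paper, which proposes NLP/NL-PL models rather than keywords), the following scanner pulls comments out of source text, flags those that admit technical debt with common marker words, and raises the priority of SATD whose wording hints at a security weakness, then exposes that as a CI exit code. The marker lists, the security vocabulary and the sample C snippet are all constructed assumptions for the example.

```python
"""
Added example: a minimal pattern-based Self-Admitted Technical Debt (SATD)
scanner over source-code comments, with a second pass that flags SATD whose
wording hints at a security-relevant weakness, and a CI gate built on top.
Marker lists and the sample source are constructed for illustration only.
"""
import re
from dataclasses import dataclass

# Comment syntaxes handled: '#' (Python/shell), '//' and single-line '/* ... */'.
# Deliberately naive: no string-literal awareness and no multi-line block comments.
COMMENT_RE = re.compile(r"#.*$|//.*$|/\*.*?\*/")

# Constructed SATD markers (assumption), in the spirit of keyword-based SATD detection.
SATD_MARKERS = ("todo", "fixme", "hack", "xxx", "workaround", "temporary", "kludge")

# Constructed security-flavoured vocabulary (assumption); a hit only raises priority.
SECURITY_HINTS = ("validate", "sanitize", "sanitise", "escape", "auth", "permission",
                  "overflow", "buffer", "injection", "crypto", "password", "race")


@dataclass
class Finding:
    line_no: int
    comment: str
    security_related: bool


def extract_comments(source: str):
    """Yield (line_no, comment_text) for every comment found in `source`."""
    for idx, line in enumerate(source.splitlines(), start=1):
        for m in COMMENT_RE.finditer(line):
            text = m.group(0).lstrip("#/* ").rstrip("*/ ").strip()
            if text:
                yield idx, text


def is_satd(comment: str) -> bool:
    """True when the comment contains one of the admitted-debt marker words."""
    low = comment.lower()
    return any(marker in low for marker in SATD_MARKERS)


def is_security_related(comment: str) -> bool:
    """True when the comment mentions a security-flavoured term."""
    low = comment.lower()
    return any(hint in low for hint in SECURITY_HINTS)


def scan(source: str) -> list[Finding]:
    """Return every SATD comment in `source`, tagged with its security relevance."""
    return [Finding(n, c, is_security_related(c))
            for n, c in extract_comments(source) if is_satd(c)]


def ci_gate(source: str) -> int:
    """CI exit code: 1 if any security-related SATD is present, otherwise 0."""
    return 1 if any(f.security_related for f in scan(source)) else 0


# Constructed sample input: a C function with three admitted-debt comments.
SAMPLE_SOURCE = """\
int parse_header(char *buf) {
    char tmp[64];
    // TODO: validate length before copy, buffer overflow possible
    strcpy(tmp, buf);
    /* HACK: skip auth check in debug builds */
    if (debug) return 0;
    // FIXME: rename tmp to something descriptive
    // Normal comment, nothing admitted here
    return check(tmp);
}
"""

if __name__ == "__main__":
    for f in scan(SAMPLE_SOURCE):
        tag = "[SEC] " if f.security_related else ""
        print(f"{f.line_no}: {tag}{f.comment}")
    raise SystemExit(ci_gate(SAMPLE_SOURCE))
```

Run as a script it lists the three SATD comments, marks the first two as security-related, and exits non-zero, which is the behaviour a pipeline step would key on; the keyword lists are the obvious place to swap in a trained classifier.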