From b852e91493442ee81cc53f2d275f124635212416 Mon Sep 17 00:00:00 2001
From: Tw93 <tw93@qq.com>
Date: Mon, 29 Dec 2025 15:14:03 +0800
Subject: [PATCH] Optimize security fix prompts and auto-fix flow

---
 lib/manage/autofix.sh | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/manage/autofix.sh b/lib/manage/autofix.sh
index 4f333ae..d603f02 100644
--- a/lib/manage/autofix.sh
+++ b/lib/manage/autofix.sh
@@ -10,9 +10,13 @@ show_suggestions() {
     local can_auto_fix=false
     local -a auto_fix_items=()
     local -a manual_items=()
+    local skip_security_autofix=false
+    if [[ "${MOLE_SECURITY_FIXES_SHOWN:-}" == "true" ]]; then
+        skip_security_autofix=true
+    fi
 
     # Security suggestions
-    if [[ -n "${FIREWALL_DISABLED:-}" && "${FIREWALL_DISABLED}" == "true" ]]; then
+    if [[ "$skip_security_autofix" == "false" && -n "${FIREWALL_DISABLED:-}" && "${FIREWALL_DISABLED}" == "true" ]]; then
         auto_fix_items+=("Enable Firewall for better security")
         has_suggestions=true
         can_auto_fix=true
@@ -24,7 +28,7 @@ show_suggestions() {
     fi
 
     # Configuration suggestions
-    if [[ -n "${TOUCHID_NOT_CONFIGURED:-}" && "${TOUCHID_NOT_CONFIGURED}" == "true" ]]; then
+    if [[ "$skip_security_autofix" == "false" && -n "${TOUCHID_NOT_CONFIGURED:-}" && "${TOUCHID_NOT_CONFIGURED}" == "true" ]]; then
         auto_fix_items+=("Enable Touch ID for sudo")
         has_suggestions=true
         can_auto_fix=true
@@ -94,7 +98,7 @@ ask_for_auto_fix() {
         return 1
     fi
 
-    echo -ne "${PURPLE}${ICON_ARROW}${NC} Auto-fix issues now? ${GRAY}Enter confirm / ESC cancel${NC}: "
+    echo -ne "${PURPLE}${ICON_ARROW}${NC} Auto-fix issues now? ${GRAY}Enter confirm / Space cancel${NC}: "
 
     local key
     if ! key=$(read_key); then