Utilizing Large LanguageModels to Detect Privacy Leaks in Mini-App Code

Mini-applications, commonly referred to as mini-apps, are compact software programs embedded within larger applications or platforms, offering targeted functionality without the need for separate installations. Typically web-based or cloud-hosted, these mini-apps streamline user experiences by providing focused services accessible through web browsers or mobile apps. Their simplicity, speed, and integration capabilities make them valuable additions to messaging platforms, social media networks, e-commerce sites, and various digital environments. WeChat Mini Programs, a prominent feature of China's leading messaging app, exemplify this trend, offering users a seamless array of services without additional downloads. Leveraging WeChat's extensive user base and payment infrastructure, Mini Programs facilitate efficient transactions and bridge online and offline experiences, shaping China's digital landscape significantly. This paper investigates the potential of employing Large Language Models (LLMs) to detect privacy breaches within WeChat Mini Programs. Given the widespread use of Mini Programs and growing concerns about data privacy, this research seeks to determine if LLMs can effectively identify instances of privacy leakage within this ecosystem. Through meticulous analysis and experimentation, we aim to highlight the efficacy of LLMs in safeguarding user privacy and security within the WeChat Mini Program environment, thereby contributing to a more secure digital landscape.