diff --git a/.gitea/ai-review/findings.json b/.gitea/ai-review/findings.json
index 5f58ec4..fe51488 100644
--- a/.gitea/ai-review/findings.json
+++ b/.gitea/ai-review/findings.json
@@ -1,9 +1 @@
-[
-  {
-    "level": "warning",
-    "role": "Mage",
-    "location": "app/preflight.js:23",
-    "suggestion": "在 `app/llm.js` 與 `app/preflight.js` 中，`opencodeAxiosOptions` 函數的邏輯存在重複。雖然 `timeout` 參數在兩處有所不同，但處理 `httpsAgent` 的核心邏輯是相同的。建議將 `httpsAgent` 的建立邏輯抽象為一個共用函數或在 `config.js` 中定義，以避免未來修改時造成不一致，並提高程式碼的可維護性。\n\n例如，可以將 `httpsAgent` 的邏輯移至 `config.js`：\n```javascript\n// app/config.js\nexport function getOpenCodeHttpsAgent() {\n  return shouldSkipOpenCodeTLSVerify() ? new https.Agent({ rejectUnauthorized: false }) : undefined;\n}\n\n// app/llm.js\nimport { getOpenCodeHttpsAgent } from './config.js';\nfunction opencodeAxiosOptions(headers) {\n  return {\n    headers,\n    httpsAgent: getOpenCodeHttpsAgent(),\n  };\n}\n\n// app/preflight.js\nimport { getOpenCodeHttpsAgent } from './config.js';\nconst opencodeAxiosOptions = (headers) => ({\n  headers,\n  timeout: 30000,\n  httpsAgent: getOpenCodeHttpsAgent(),\n});\n```",
-    "is_new": true
-  }
-]
+[]
diff --git a/app/config.js b/app/config.js
index 9ba433f..0fcf655 100644
--- a/app/config.js
+++ b/app/config.js
@@ -1,3 +1,5 @@
+import https from 'https';
+
 export const GITEA_TOKEN = process.env.GITEA_TOKEN || '';
 export const GITEA_COMMENT_TOKEN = process.env.GITEA_COMMENT_TOKEN || '';
 export const GITEA_SERVER_URL = process.env.GITEA_SERVER_URL || 'https://gitea.com';
@@ -15,6 +17,10 @@ export function shouldSkipOpenCodeTLSVerify() {
   return process.env.OPENCODE_SKIP_TLS_VERIFY === 'true';
 }
 
+export function getOpenCodeHttpsAgent() {
+  return shouldSkipOpenCodeTLSVerify() ? new https.Agent({ rejectUnauthorized: false }) : undefined;
+}
+
 /** 將逗號分隔的 API key 字串拆成陣列 */
 function splitKeys(value) {
   if (!value) return [];
diff --git a/app/llm.js b/app/llm.js
index d4e6214..a6830f8 100644
--- a/app/llm.js
+++ b/app/llm.js
@@ -1,6 +1,5 @@
 import axios from 'axios';
-import https from 'https';
-import { getLLMConfig, shouldSkipOpenCodeTLSVerify } from './config.js';
+import { getLLMConfig, getOpenCodeHttpsAgent } from './config.js';
 import { line, error } from './log.js';
 
 function isOpenAIGpt55(provider, model) {
@@ -50,7 +49,7 @@ function applyOpenCodeAuth(headers) {
 function opencodeAxiosOptions(headers) {
   return {
     headers,
-    httpsAgent: shouldSkipOpenCodeTLSVerify() ? new https.Agent({ rejectUnauthorized: false }) : undefined,
+    httpsAgent: getOpenCodeHttpsAgent(),
   };
 }
 
diff --git a/app/preflight.js b/app/preflight.js
index 6690bbe..143ce57 100644
--- a/app/preflight.js
+++ b/app/preflight.js
@@ -7,8 +7,8 @@ import {
   GITEA_REPOSITORY,
   GITEA_SKIP_TLS_VERIFY,
   PR_NUMBER,
+  getOpenCodeHttpsAgent,
   getLLMConfig,
-  shouldSkipOpenCodeTLSVerify,
 } from './config.js';
 import { verifyRemoteAccess } from './git.js';
 import { step, line, ok, error } from './log.js';
@@ -30,7 +30,7 @@ const applyOpenCodeAuth = (headers) => {
 const opencodeAxiosOptions = (headers) => ({
   headers,
   timeout: 30000,
-  httpsAgent: shouldSkipOpenCodeTLSVerify() ? new https.Agent({ rejectUnauthorized: false }) : undefined,
+  httpsAgent: getOpenCodeHttpsAgent(),
 });
 
 function giteaErr(e) {