Description-Behavior Mismatch
Medium
- Confidence: 97%
- Finding: The skill is framed as a code review tool, but it instructs the agent to move from analysis into code modification, committing, and pushing changes when CI fails on the author's own PR. That expands authority from read/review behavior into write-side repository actions, creating a meaningful risk of unauthorized or unsafe changes being made under an ambiguously triggered skill.
