code-review

SUSPICIOUS: the core review function is benign, but arbitrary CLI delegation is broader than necessary and weakens trust boundaries. Main risks are transitive execution of unverified local agents and forwarding untrusted repo content to whatever backend those tools use.