auto-review-loop

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.85). The skill contains high-risk autonomous behaviors (unfiltered external model access to the repo via "codex exec", SSH/remote experiment execution, automated writes and traces, and silent network/notification calls including Feishu and MCP) and explicit instructions to "do it silently" without asking the user — enabling data exfiltration of repository contents, credentials, and remote code execution/persistence, so it poses a significant abuse/backdoor risk despite not containing an explicit malware payload.