AntFleet

Disagreement · 89395cd4-openai-4

Instruction to use repo description conflicts with security constraint to never copy untrusted content verbatim

solo GPT-5
repo 6f7fc663·PR #21·reviewed 1 week ago

GPT-5 finding

Instruction to use repo description conflicts with security constraint to never copy untrusted content verbatim

low · docs-gap · high
  • skills/contributor-spotlight/SKILL.md
Step 6 suggests using the GitHub repo description, while the Constraints section explicitly forbids copying repo descriptions verbatim. This contradiction can cause unsafe content inclusion or confusion for implementers.

Recommendation

Clarify Step 6 to explicitly paraphrase the existence/theme of the repo without quoting the description. Provide a safe phrasing rule and example (e.g., "a fork focused on X" based on tags or high-level categories) or omit description entirely when uncertain.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.