
Because it has the ability to write tests for the PR in question.


Then it should open a PR for those tests so it can go through the normal CI and review process.


Doing that requires write access if you're a Github Application. You can't just fork repositories back into another org, since Github Applications only have the permissions of the single organization that they work with. Rulesets that prevent direct pushes to specific branches can help here, but have to be configured for each organization.


It updates the existing PR with the tests, I believe. They'd still get reviewed and go through CI.


Right, the downside being that the app needs write access to your repository.


Writing to PR branches should really be some new kind of permission.


Seems like there are multiple ways to address that within the GitHub ecosystem.

For example, you can set up a GitHub Action triggered by `push_request_target` that will call CodeRabbit's API to generate a patch and then push a new commit to the branch. This way CodeRabbit is being polled by a well-defined and minimal action (since this action will have write access to the repo) rather than it itself having crazy power to do anything it wants on your repository.

Alternatively, why can't they just comment and propose a patch? GitHub's code review UI allows the human code reviewer to hit a button and incorporate that change into the PR.

There are pros and cons to these other techniques but the clear pro is that it would be more secure.

It just seems like they took the easiest way out rather than thinking it through in typical AI-bro ways.
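The workflow sketched in the comment above, written out as an added example (not code from the thread, from CodeRabbit, or from GitHub): the bot is called from a narrowly scoped Action that holds the write token, instead of the bot app holding repository-wide write access. `REVIEW_BOT_URL` and `REVIEW_BOT_TOKEN` are placeholder names, and the `/patch` endpoint is assumed, since no real API is shown in the thread.

```yaml
# Added example, not from the thread. Placeholders: REVIEW_BOT_URL, REVIEW_BOT_TOKEN.
# pull_request_target runs in the base repo's context, so a write token is
# available; that is also why this job must never execute code from the PR head.
name: apply-review-bot-patch

on:
  pull_request_target:
    types: [opened, synchronize]

# Start from no permissions and grant write only to the one job that pushes.
permissions: {}

jobs:
  apply-patch:
    runs-on: ubuntu-latest
    # Same-repo PRs only: a fork PR would let an outsider drive a commit
    # into one of the base repository's branches.
    if: github.event.pull_request.head.repo.full_name == github.repository
    permissions:
      contents: write        # push the bot's commit
      pull-requests: write   # only if the bot also comments on the PR
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.ref }}   # this repo's branch only
      - name: Fetch patch from the review bot (placeholder endpoint)
        env:
          REVIEW_BOT_TOKEN: ${{ secrets.REVIEW_BOT_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
          curl -fsS -H "Authorization: Bearer $REVIEW_BOT_TOKEN" \
            "https://REVIEW_BOT_URL/patch?pr=$PR_NUMBER" -o bot.patch
      - name: Apply and push as a separate, reviewable commit
        env:
          HEAD_REF: ${{ github.event.pull_request.head.ref }}   # via env, not inline
        run: |
          git config user.name "review-bot[bot]"
          git config user.email "review-bot@users.noreply.github.com"
          git apply --index bot.patch      # fails loudly if the patch does not apply
          git commit -m "test: add bot-suggested tests (review before merging)"
          # Pushes made with GITHUB_TOKEN do not re-trigger workflows, so this
          # does not loop on its own synchronize event.
          git push origin "HEAD:$HEAD_REF"
```

The commit still lands on the PR branch, so it goes through the same CI and human review as any other push; the bot itself never holds a token for the repository.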


It's more than that. It can suggest fixes which you can directly commit.



