Comparing it to Leetcode is completely off. On Leetcode, you're running an isolated algorithm that doesn't need any access to internal repos or staging environments. But a CI/CD sandbox that reviews PRs by definition has to have serious permissions, or it won't be able to build anything.