If the commit was prompted by a core developer, the developer knows what the prompt was. If it was prompted by a stranger, the core developer reviewing it does not know what the prompt was. The review attention required is completely different, because with an untrusted submitter you have to meticulously hunt down intentional security vulnerabilities obfuscated in the PR.