diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cd8a0fd..5a3b3be 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -51,10 +51,10 @@ jobs:
         run: |
           echo "Testing PostgreSQL migrations..."
           flask db upgrade
-          python -c "from app import create_app, db; app = create_app(); app.app_context().push(); print('✅ PostgreSQL migration successful')"
+          python -c "from app import create_app, db; app = create_app(); app.app_context().push(); print('PostgreSQL migration successful')"
           flask db downgrade base
           flask db upgrade
-          echo "✅ PostgreSQL migration rollback/upgrade test passed"
+          echo "PostgreSQL migration rollback/upgrade test passed"
 
       - name: Test SQLite migrations
         if: matrix.db_type == 'sqlite'
@@ -64,10 +64,10 @@ jobs:
         run: |
           echo "Testing SQLite migrations..."
           flask db upgrade
-          python -c "from app import create_app, db; app = create_app(); app.app_context().push(); print('✅ SQLite migration successful')"
+          python -c "from app import create_app, db; app = create_app(); app.app_context().push(); print('SQLite migration successful')"
           flask db downgrade base
           flask db upgrade
-          echo "✅ SQLite migration rollback/upgrade test passed"
+          echo "SQLite migration rollback/upgrade test passed"
 
   test-docker-build:
     runs-on: ubuntu-latest
@@ -81,7 +81,7 @@ jobs:
       - name: Test Docker build
         run: |
           docker build -t timetracker-test:latest .
-          echo "✅ Docker build successful"
+          echo "Docker build successful"
 
       - name: Test Docker container startup
         run: |
@@ -93,7 +93,7 @@ jobs:
           # Wait for container to be ready
           for i in {1..30}; do
             if curl -f http://localhost:8080/_health >/dev/null 2>&1; then
-              echo "✅ Container health check passed"
+              echo "Container health check passed"
               break
             fi
             echo "Waiting for container to be ready... ($i/30)"
@@ -140,6 +140,10 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event_name == 'pull_request'
     needs: [test-database-migrations, test-docker-build]
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: write
     steps:
       - name: Comment on PR
         uses: actions/github-script@v7
@@ -153,16 +157,16 @@ jobs:
             
             const botComment = comments.find(comment => comment.user.type === 'Bot' && comment.body.includes('CI Pipeline Status'));
             
-            const commentBody = \`## 🔍 CI Pipeline Status
+            const commentBody = \`## CI Pipeline Status
             
-            **All checks passed!** ✅
+            **All checks passed!** :white_check_mark:
             
             **Completed Checks:**
-            - ✅ Database migration tests (PostgreSQL & SQLite)
-            - ✅ Docker build and startup test
-            - ✅ Security vulnerability scan
+            - :white_check_mark: Database migration tests (PostgreSQL & SQLite)
+            - :white_check_mark: Docker build and startup test
+            - :white_check_mark: Security vulnerability scan
             
-            **Ready for review and merge** 🚀
+            **Ready for review and merge** :rocket:
             
             ---
             *This comment was automatically generated by the CI pipeline.*\`;