According to Special:ListGroupRights bots should have the extendedconfirmed user right, but it does not show up as a value in the AbuseFilter variable user_rights. I do see all the other expected rights, so perhaps there was some config change we overlooked when deploying the new user group (T126607 and maybe T131976)?
I see that suppressredirect is also missing. That might have been added to the bot user group with T133981. Presumably they are not showing up in AbuseFilter for other user groups with these rights as well.
I suspect the list is hardcoded somewhere and just needs updating, but I couldn't find anything in the AbuseFilter codebase.
It's more the details of the filter itself that are sensitive, but here it's a false-positive of an edit that was successfully saved, so we've nothing to hide :) Basically have a look at HostBot's filter log. They keep getting tripped because extendedconfirmed isn't being returned when checking user_rights.
This also should be in user_groups, by the way. Special:ListGroupRights shows all the user groups and their permissions, if that is of any help.
Yeah I guess we can close! I see now that they last entry in the bot's abuse log was on 19 April. I also see that suppressredirect is also now showing. Perhaps someone beat us to it? Who knows... Anyway thanks for looking into it! :)