community-run · MIT licensed

Stop reviewing bot noise.

OSS Protector is a community-run GitHub App that flags AI-generated spam pull requests before they hit your review queue. Free, transparent, and built by maintainers, for maintainers.

348 flagged accounts · 1 repo protected · 101 signals tracked
15 pull requests tracked · 0 open reports · $0 forever, no tiers
The signal-to-noise crisis

For every one person fixing a real bug, fourteen are farming a contribution badge.

Maintainers are quitting. Not from the work — from reviewing the work that isn't work. Here's last Tuesday in a real OSS inbox.

maintainer inbox · last Tuesday · 15 PRs
fix(parser): handle deeply-nested generics in TS 5.4 · @miketcosta · Tue 2:14 pm · human
Fix: typo in README · @autopr-helper-99 · Tue 2:08 pm · 97%
docs: small grammar fix in CONTRIBUTING · @fix-typo-bot-42 · Tue 1:54 pm · 99%
refactor: modernize quantization loop · @DeepSeek-Coder-AI · Tue 1:33 pm · 86%
fix: extra space in error message · @good-first-issue-grinder · Tue 1:21 pm · 92%
refactor: rename internal helpers · @refactor-master-x · Tue 1:04 pm · 89%
docs: fix typo in setup section · @grammar-fixer-77 · Tue 12:48 pm · 94%
chore: update install instructions · @helpful-ai-coder · Tue 12:31 pm · 83%
"I logged in on Tuesday. I had 47 notifications. One was from a human. I closed the laptop and didn't open it again that week."
Maintainer, mid-tier TypeScript library, 2025
WHAT WE BLOCK
· LLM-authored "helpful" PRs with no context
· Single-character typo farming at scale
· Contribution-badge grinders
· Cosmetic refactors that break tests silently
· Coordinated cross-repo PR waves
How it works

Three signals. One decision. Always public.

We never act on a single signal. Every flag combines account heuristics, diff pattern matching, and cross-repo correlation — and every flag is reviewable by anyone.

/ 01
Account heuristics

Creation date, prior commits, bio patterns, handle entropy. The account is the easiest tell — most bots don't bother hiding.

/ 02
Diff signature

The shape of the patch itself. LLM-authored PRs have a distinctive vocabulary, indentation, and comment style we can match.

/ 03
Cross-repo correlation

One PR is a data point. A hundred PRs across a hundred unrelated repos is a fingerprint. We see the whole graph.

Confidence breakdown

No black box. See exactly why a PR got flagged.

Confidence is a weighted sum of six independent signals. You see the full breakdown on every PR — and you can audit our weights on GitHub.

@autopr-helper-99 (example, illustrative breakdown)
97% confidence · flag
Account age: 94%
PR volume: 88%
Diff signature: 91%
Cross-repo overlap: 97%
Bio / handle pattern: 82%
Commit-message voice: 86%
SIGNALS WE USE
· Account heuristics: Created < 60 days, no prior commits, handle entropy
· PR volume: Number of PRs per day across unrelated projects
· Diff signature: LLM template families, vocabulary, indentation, comment shape
· Cross-repo overlap: Same account flagged or dismissed elsewhere
· Bio / handle pattern: Self-identified AI assistants, badge-farmer naming
· Commit-message voice: Conventional commits with no semantic content
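
An added example, not OSS Protector's own code: one way a weighted sum over the six signals can be combined with the "never act on a single signal" rule. The weights, thresholds and the grouping of signals into three families are assumptions; the first input reuses the per-signal percentages from the illustrative breakdown above, so under these assumed weights its total is not the page's 97%.

```python
# Added example. Weights, thresholds and the family grouping are
# hypothetical; they are not OSS Protector's published values.
WEIGHTS = {
    "account_age": 0.15, "pr_volume": 0.20, "diff_signature": 0.20,
    "cross_repo_overlap": 0.25, "bio_handle_pattern": 0.10,
    "commit_message_voice": 0.10,
}
# Assumed mapping of the six signals onto the page's three signal families.
FAMILIES = {
    "account": ("account_age", "bio_handle_pattern"),
    "diff": ("diff_signature", "commit_message_voice"),
    "cross_repo": ("pr_volume", "cross_repo_overlap"),
}
FLAG_THRESHOLD = 0.80    # minimum weighted confidence for a flag
FAMILY_THRESHOLD = 0.70  # a family counts as "strong" at or above this
MIN_FAMILIES = 2         # never flag on a single family


def score(signals):
    """Return (confidence, breakdown, flagged) for per-signal scores in [0, 1]."""
    if set(signals) != set(WEIGHTS):
        raise ValueError("expected exactly the six signals in WEIGHTS")
    if any(not 0.0 <= v <= 1.0 for v in signals.values()):
        raise ValueError("signal scores must lie in [0, 1]")
    contrib = {name: WEIGHTS[name] * signals[name] for name in WEIGHTS}
    confidence = round(sum(contrib.values()), 4)
    strong = [fam for fam, members in FAMILIES.items()
              if max(signals[m] for m in members) >= FAMILY_THRESHOLD]
    flagged = confidence >= FLAG_THRESHOLD and len(strong) >= MIN_FAMILIES
    # Largest contribution first, so a reviewer sees what drove the decision.
    breakdown = sorted(contrib.items(), key=lambda kv: kv[1], reverse=True)
    return confidence, breakdown, flagged


# Per-signal values taken from the page's illustrative breakdown.
PAGE_EXAMPLE = {"account_age": 0.94, "pr_volume": 0.88, "diff_signature": 0.91,
                "cross_repo_overlap": 0.97, "bio_handle_pattern": 0.82,
                "commit_message_voice": 0.86}
# Constructed: brand-new account opening an otherwise unremarkable first PR.
NEWCOMER = {"account_age": 0.95, "pr_volume": 0.05, "diff_signature": 0.10,
            "cross_repo_overlap": 0.0, "bio_handle_pattern": 0.10,
            "commit_message_voice": 0.20}
# Constructed: extreme cross-repo activity, every other signal just under 0.70.
ONE_FAMILY = {"account_age": 0.65, "pr_volume": 1.0, "diff_signature": 0.65,
              "cross_repo_overlap": 1.0, "bio_handle_pattern": 0.65,
              "commit_message_voice": 0.65}

if __name__ == "__main__":
    for label, sig in (("page", PAGE_EXAMPLE), ("newcomer", NEWCOMER),
                       ("one-family", ONE_FAMILY)):
        print(label, *score(sig), sep="\n  ")
```

The third input clears the confidence threshold yet stays unflagged because only one family is strong, which is the case a plain weighted sum would get wrong.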
Side-by-side

What GitHub shows you. What you actually need to see.

github.com/withastro/astro
autopr-helper-99 opened #842212 hours ago
fix: typo in README
Contributor

"Hello! I noticed a small typo in the README and wanted to help. Let me know if you'd like any other improvements!"

+ OSS Protector overlay
autopr-helper-99 · 97% · account age 27d
fix: typo in README
likely automated · 14 prior reports · 184 PRs · 142 repos
The trust graph

Every flag is public. Every report leaves a trail.

Every flag links the account to the maintainers who reported it and the repositories it affected. Disputes are open, dismissals are tracked, false positives are surfaced.

[Figure: trust graph for @autopr-helper-99 (suspect). Reporters: 5 (evanw, kentcdodds, sindresorhus, feross, yyx990803). Affected repos: 142 (shown: web, cli, docs, sdk).]
Maintainer workflow

Quiet by default. Loud when it matters.

OSS Protector never touches your PRs — no bot comments, no status checks. Flagged contributors land in your notifications and dashboard queue, ready to confirm, dismiss, or allow in one click.

New flag in your review queue · 2 minutes ago
97% · likely automated

@autopr-helper-99 opened a PR on acme/web. The account was created 27 days ago and has filed 184 PRs across 142 repositories. The diff signature matches the "helpful-assistant v3" template family.

Reported by @evanw, @kentcdodds, and 3 others.

Three buttons. Three seconds.

Confirm: adds the account to the shared blocklist for your repos.
Dismiss: clears it from your queue. We learn from it.
Allow author: marks them as trusted in your repos forever. Whitelist, not blocklist.

Coverage

Quietly working across 1 repository.

Pricing

Free. For everyone. Forever.

$0

OSS Protector is run by maintainers, for maintainers. No paid tiers, no enterprise plan, no upsell. If you want to support the project, sponsor us on GitHub, but the tool stays free for everyone.
