API

Use the clanker directory in your own tooling.

JSON endpoints with query-param filters. Use them for pre-merge checks, dashboards, or repository automation.

Report commands

Mention the app in a PR or issue comment to capture a review signal. Submitted and needs-review reports are tracked, but only validated or corroborated reports affect shared scores.

@oss-protector review this user
@oss-protector flag this user reason: fake bounty
@oss-protector recommend block reason: malicious code

Maintainer corrections

Repo owners and members (author_association OWNER, MEMBER, or COLLABORATOR) can correct the system from a PR comment. The bot posts a confirmation comment for every correction.

@oss-protector dismiss     # false positive: dismiss all open reports
@oss-protector confirm     # validate the latest open report
@oss-protector allow       # allowlist the PR author (sticky)
@oss-protector reset       # clear a prior allowlist; recompute from current signals

/api/clankers

Filterable list of accounts currently published for review.

GET /api/clankers?status=review&reason=external_blocklist&min_score=70&limit=10

| Query | Values | Meaning |
|---|---|---|
| q | string | Search login or evidence summary. |
| status | all, watch, review, high_risk, block | Filter by published review status. |
| reason | all, fake_bounty, ai_slop, spam_pr, duplicate_pr, low_quality_ai, credential_phishing, malicious_code, impersonation, maintainer_report, honeypot_match, external_blocklist | Filter by stored abuse reason. |
| min_score | number | Only return clankers at or above this score. |
| limit | 1-500 | Maximum rows returned. Defaults to 250. |
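
A pre-merge check built on the /api/clankers filters above, as an added example that is not the project's own code. The base URL `https://directory.example`, the response shape (a JSON list of objects with `login`, `status` and `score` keys) and the sample rows are assumptions; the page does not document the response schema.

```python
import json
from urllib.parse import urlencode
from urllib.request import urlopen

# Allowed values copied from the /api/clankers parameter table on this page.
STATUSES = {"all", "watch", "review", "high_risk", "block"}
REASONS = {"all", "fake_bounty", "ai_slop", "spam_pr", "duplicate_pr",
           "low_quality_ai", "credential_phishing", "malicious_code",
           "impersonation", "maintainer_report", "honeypot_match",
           "external_blocklist"}

def clankers_url(base, q=None, status=None, reason=None, min_score=None, limit=None):
    """Build a /api/clankers URL, rejecting values the table does not list."""
    if status is not None and status not in STATUSES:
        raise ValueError(f"unknown status: {status!r}")
    if reason is not None and reason not in REASONS:
        raise ValueError(f"unknown reason: {reason!r}")
    if limit is not None and not 1 <= limit <= 500:
        raise ValueError("limit must be between 1 and 500")
    params = {"q": q, "status": status, "reason": reason,
              "min_score": min_score, "limit": limit}
    query = urlencode({k: v for k, v in params.items() if v is not None})
    return f"{base.rstrip('/')}/api/clankers?{query}"

def fetch_rows(url, timeout=10):
    """Fetch and decode the JSON body (assumed to be a list of row objects)."""
    with urlopen(url, timeout=timeout) as resp:
        return json.load(resp)

def should_hold(pr_author, rows, hold_statuses=("high_risk", "block")):
    """True if pr_author is listed with a status that should hold the merge.

    q also searches evidence summaries, so a row can match the query without
    being the PR author; compare the login field exactly (case-insensitive).
    """
    wanted = pr_author.lower()
    return any(r.get("login", "").lower() == wanted
               and r.get("status") in hold_statuses for r in rows)

# Constructed sample response; the "login"/"status"/"score" keys are assumed.
SAMPLE_ROWS = [
    {"login": "spam-bot-77", "status": "block", "score": 95},
    {"login": "other-user", "status": "high_risk", "score": 80},  # q hit via evidence text
    {"login": "new-contrib", "status": "watch", "score": 20},
]
```

In CI, pass the PR author as `q`, call `fetch_rows(clankers_url(...))`, and fail the job when `should_hold` returns True.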

/api/protectors

Filterable list of maintainers who submitted review signals.

GET /api/protectors?min_reports=1&min_score=10&limit=10

| Query | Values | Meaning |
|---|---|---|
| q | string | Search maintainer login. |
| min_score | number | Only return maintainers at or above this validated score. |
| min_reports | number | Only return maintainers with at least this many review signals. |
| limit | 1-500 | Maximum rows returned. Defaults to 250. |