Open Source GitHub App

Stop AI-Generated Spam Pull Requests

Protect your open source project from low-quality, LLM-generated PRs that waste maintainer time and erode contribution quality.

The Problem

Open source maintainers are overwhelmed by a new type of spam

Wasted Review Cycles

Maintainers spend precious time reviewing PRs that propose invalid, unnecessary, or nonsensical changes.

Metric Gaming

Bad actors use AI to mass-produce trivial contributions to inflate their GitHub profile stats.

Eroded Trust

The flood of spam PRs makes it harder to identify and welcome genuine new contributors.

The Solution

Automated reputation scoring that protects without blocking legitimate contributors

Heuristic-Based Scoring

8 different signals analyze profile completeness, contribution history, and activity patterns to generate a reputation score.

Configurable Thresholds

Set your own sensitivity levels for warning labels vs. auto-close. Every project has different needs.

Whitelist Support

Exempt known-good contributors, bots, and trusted accounts from scoring entirely.

Transparent

Every flagged PR gets a comment explaining exactly which signals contributed to the score.

Non-Invasive

Only evaluates PRs from users who have never merged a commit to your repo. Established contributors are never checked.

Privacy-Respecting

Only analyzes public GitHub data. No tracking, no data storage, no third-party services.

Scoring Heuristics

8 signals combine to form a reputation score from -100 to +100

Heuristic | What It Checks | Score Range
Account Age | How old is the GitHub account? Newer accounts score lower, established accounts score higher. | -20 to +15
Profile Completeness | Does the profile have an avatar, bio, company, location, or linked accounts? Complete profiles indicate real humans. | -10 to +23
Follower Patterns | Analyzes follower/following ratio. Detects follow-spam patterns (high following, low followers). | -10 to +8
PR Acceptance Rate | What percentage of their PRs actually get merged? Low merge rates indicate low-quality contributions. | -25 to +10
Contribution Type | Are contributions mostly code or trivial doc changes? Detects docs-only spam patterns. | -15 to +10
Activity Patterns | Is activity consistent or bursty? Detects dormant accounts that suddenly mass-produce PRs. | -20 to +10
Notable Contributions | Has the user contributed to popular open source projects? Merged PRs to notable repos boost score. | -10 to +20
Fork Timing | How quickly after forking did they submit a PR? Instant fork-to-PR is a spam signal. | -20 to +10

Legend: Profile data only | Requires search API | Multiple API calls | Per-PR context

Configuration

Add a .github/pr-slop-stopper.yml file to customize behavior

# Score thresholds (scores range from -100 to +100)
thresholds:
  warn: -10      # Add warning label at this score
  close: -40    # Auto-close PR at this score

# Whitelisted GitHub usernames (exempt from checks)
whitelist:
  - trusted-bot
  - known-contributor

# Enable/disable specific heuristics
heuristics:
  account_age: true
  profile_completeness: true
  follower_patterns: true
  pr_acceptance_rate: true
  contribution_type: true
  activity_patterns: true
  notable_contributions: true
  fork_timing: true

# Action settings
actions:
  add_label: true
  add_comment: true
  auto_close: false  # Disabled by default

Default Behavior

  • PRs scoring below -10 get a warning label
  • PRs scoring below -40 get a spam label (auto-close disabled by default)
  • All heuristics are enabled by default
  • Comments explain the score breakdown

Ready to Protect Your Project?

Install PR Slop Stopper and start filtering spam PRs today.