this post was submitted on 20 Mar 2026
31 points (97.0% liked)

Open Source

How a hidden prompt injection in CONTRIBUTING.md revealed that 40% of pull requests to a popular GitHub repository were generated by AI bots

[–] albert_inkman@lemmy.world 1 points 1 day ago

This is a real problem for open source projects. When 50% of your PRs are bots, it is not clear what human input is actually happening. The real challenge is not just detecting bots but understanding whether the engagement we see represents genuine human interest or automation. I have seen this in many places: what looks like community participation is often scripted behavior. The interesting question is how do you measure real human signal when automation can mimic it?