Open Source Maintainers Need a Spam Filter for AI Labor (www.vincentschmalbach.com)

Open source maintainers are encountering a growing challenge as AI-generated submissions flood their systems, complicating the review process significantly. With the advent of AI tools, creating bug reports, pull requests, and security disclosures has become easier and cheaper. However, the cost of reviewing these submissions has skyrocketed, with senior developers now spending considerable time sifting through plausible but ultimately false or unhelpful reports. A case in point is the curl project, where by mid-2025, AI was responsible for about 20% of submissions, yet only 5% of those reports reflected real vulnerabilities. This imbalance highlights a critical need for well-defined intake policies that can filter out low-effort contributions. The implications for the AI/ML community are profound, as they signal a shift in how open-source projects must adapt to the realities of AI-enhanced workflows. Maintaining the integrity of open-source projects will require specific measures such as rate limits, account-age requirements, and labels identifying AI-generated content. By implementing strict criteria for submissions and establishing clear expectations around contributor accountability, maintainers can better manage the influx of AI-produced work. When AI makes the act of submission near-instantaneous, the need for a robust filtering system becomes essential to ensure that beneficial contributions are not overlooked amidst a deluge of low-value inputs.