We need a clearer framework for AI-assisted contributions to open source (samsaffron.com)

Open-source maintainers are sounding the alarm about “vibe coding”: the flood of AI-generated change sets from tools like GitHub Copilot, OpenAI Codex, Claude and Cursor is making it trivial to produce prototypes but costly to review. Discourse engineers argue for a simple binary contribution model: prototypes should be shared as branches, videos or issue posts (clearly labeled as exploratory), while PRs must be “ready for review” — fully vetted, tested, secure and vouched for by the submitter. Left unchecked, machine-generated drafts arriving as PRs waste maintainer time, introduce technical debt, and can hide security issues (Veracode found only ~55% of generated code was secure), creating a demo-to-product gap that can be days or weeks of additional engineering work. The practical implications for the AI/ML and open-source community are clear: projects need explicit etiquette and tooling to distinguish demos from production-ready contributions, timebox initial reviews, and empower maintainers to close or redirect prototype PRs to forums or branches. The authors emphasize responsible ownership—if you relied on AI, still review and stamp the code yourself before submitting. Examples like the “dv” orchestrator (an AI-built toy used for prototyping Discourse) show the value of fast exploration, but maintainers must guard scarce review bandwidth and update contribution policies to accommodate “alien intelligence” that is simultaneously powerful and error-prone.