GitHub Repo Owners: Use Git's --author Flag to Block AI Bot Spam
The team at Archestra (an AI platform startup) was drowning in AI bot spam — 253 comments on a single bounty issue, 27 PRs for one feature that were never tested, and a weekly cleanup cost of half a day. Their repo became hostile to real contributors. They needed a whitelist, but GitHub doesn't natively support one for public repos. Their clever hack: abuse the Limit to prior contributors setting and Git's --author flag.
The Problem: AI Slop in GitHub
Bots generated endless “implementation plans” and aggressive replies. Real contributors like @ethanwater, @developerfred, and @Geetk172 were ignored. Even their first attempt — a reputation bot called “London-Cat” — didn't stop the spam. An “AI sheriff” bot closed legitimate PRs. The only real solution was to gate contributions behind human verification.
How the Whitelist Hack Works
GitHub's “Limit to prior contributors” setting blocks anyone who hasn't authored a commit on main. But Git commits have two identity fields: author and committer. Using --author, you can attribute a commit to someone else — GitHub grants contributor status if the email matches the target user's GitHub noreply email (<id>+<username>@users.noreply.github.com).
# Look up user's GitHub ID
gh api users /their-username --jq '.id'# Commit under their name (email = [email protected])
git commit \
--author="their-username <[email protected]>" \
-m "chore: add their-username to external contributors"Push to main, and that user can immediately comment, open issues, and submit PRs. The commit shows the external user as author; your account appears as committer. That's all GitHub needs to consider them a “prior contributor.”
Full Onboarding Flow
- User visits archestra.ai/contributor-onboard and completes a CAPTCHA while agreeing to ethical AI rules.
- On form submission, a GitHub Action fires, looks up the user's GitHub ID via the API, and adds their handle to an
EXTERNAL_CONTRIBUTORS.mdfile. - The action pushes a commit to
mainauthored under the external user — granting them contributor status immediately.
This is a nuclear option for a VC-backed startup that measures GitHub activity, but quality beat vanity metrics.
It's hacky, but it works. No third-party spam filter — just clever use of Git's identity fields and a two-step validation flow.
📖 Read the full source: HN AI Agents
👀 See Also
Treating OpenClaw Subagents as Stateless Functions Instead of Persistent Team Members
A developer shares their experience shifting from treating OpenClaw subagents as persistent team members with personalities to viewing them as stateless function calls with specialized purposes.
Efficiently Managing OpenClaw Instances for Multiple Users
Explore strategies shared by users on r/openclaw for managing multiple OpenClaw instances. Learn how community members harness automation and load balancing for optimal performance.
Qwen 3.5 122B MoE at 35 t/s on a Single 3090 with ik_llama.cpp MTP
A local stack running Qwen 3.5 122B MoE on a single 3090 at 35 t/s using ik_llama.cpp's fused MoE ops for MTP. Stock llama.cpp showed only +4% improvement; ik's fork yields +20%.
Method for Transferring User Context from ChatGPT to Claude
A Reddit user shares a two-prompt method for extracting a detailed cognitive profile from ChatGPT and creating a portable AI constitution to transfer to Claude, addressing the difficulty of porting between AI systems.