I maintain awesome-mcp-servers, one of GitHub's most popular repositories. Over the past year, I manually reviewed and closed over 2,000 pull requests. Initially rewarding, the volume suddenly jumped to 20-50 daily submissions. Quality plummeted – descriptions became mechanical, and the excitement vanished. Many PRs seemed to come from AI agents submitting projects to gain visibility. After noticing this pattern, I added a CONTRIBUTING.md prompt to self-identify bots. The first 24 hours saw 21 out of 40 PRs include 'prompt injected' in their title – 50% of all incoming pull requests identifying as bot-generated. Estimates suggest another 8 of the remaining 19 were also bot-generated, totaling 70%.

Some bots are sophisticated, completing validation checks on Glama by signing up and configuring Docker builds. However, others lie, claiming checks pass when they don't. This deception forced me to find a way to distinguish human from bot contributions. While the 'prompt injected' tag helps prioritize human PRs, the bigger question is whether bots can be made to provide genuinely valuable contributions. This isn't just my problem – it affects every open-source project I contribute to, where distinguishing bots from genuine novices is increasingly difficult. Without evolving processes to recognize bot contributions, open-source maintenance will grind to a halt.

This isn't just about my repository; it's a systemic issue affecting all software development. The asymmetry between maintainer capacity and contribution volume is worsening daily, making it incredibly demotivating to provide thorough feedback only to discover you've been addressing a bot. We need better identification and integration methods to prevent open-source from collapsing under its own weight.