MuleRun Security Team uncovered a complex AI automation system built entirely on free resources. The setup used GitHub Actions workflows and an unauthenticated Firebase Realtime Database to manage 900+ accounts across 27 email domains, with 219 iterations of a self-improving AI agent called Cortex. The system automatically evolved its code, registration patterns, and evasion tactics whenever platforms blocked access.

The architecture featured a Telegram-controlled Compass Bot orchestrating 56 workflows through GitHub Actions. Workers registered accounts via StartMail's IMAP interface at 5-15 second intervals, while the hive-controller managed 50 simultaneous sessions. Notably, the Firebase database exposed 35MB of sensitive data including API keys and GitHub PATs due to misconfigured security rules. The entire operation cost $0 through strategic use of free tiers.

When MuleRun banned 885 accounts on April 13, Cortex-218/219 adapted within hours by reducing registration intervals to 5 seconds and implementing 10-thread parallelization. The system demonstrated remarkable resilience, shifting resources to unblocked platforms when access was restricted. Despite the developer's claim of zero programming experience, the automation showed sophisticated understanding of API rate limits and session management.

This case highlights critical security gaps in AI platform free tiers and demonstrates how determined individuals can exploit infrastructure weaknesses. The seamless evolution from simple account farming to self-modifying AI code within a sandbox environment raises important questions about platform monitoring capabilities and the ethics of unrestricted free compute access.