As PR velocity reaches this scale — 100 per hour, hundreds of thousands of lines a day — I find myself wondering about the collective immune system side of this.

If we're not yet organized around injection and obfuscation at the community level, PR saturation itself becomes a distinguishable attack vector — and not just for backdoors.

Two distinct risks worth separating:

Offensive saturation: flood a competitor or a fast-moving startup with automated PRs. Their human review bandwidth collapses. Real community contributions drown in noise. The project slows, maintainers burn out, momentum dies. No backdoor needed — attrition is enough.

Forced opening: a project overwhelmed by volume lowers its review standards to survive. It merges faster, checks less. The saturation wasn't meant to block — it was meant to open. Once standards drop, real injection becomes trivial.

The unsettling part: this vector requires no particular skill, is already available, and is organically indistinguishable from legitimate viral growth. To envision an open source that survives AI, maybe we need to envision an open source AI that protects open source.

Genuinely curious if others are thinking about this, and whether anyone has seen serious work in this direction already.

How many are duplicates? How many are good?

I guess open source will be fine, but I'm worry that new contributors will have a hard time to get notices in the sea of automatic pull requests.