AI Bot crabby-rathbun is still going

https://www.nickolinger.com/blog/2026-02-13-ai-bot-crabby-rathbun-is-still-going/

44•olingern•2h ago

Comments

verdverm•1h ago

if you are going to do a post write-up, at least tell us what has happened since in more detail (rather than a list of commits and the same conclusions from before the "apology") I'd also note that none of those commits are the interesting ones that came after the initial firestorm

olingern•1h ago

I'm not a journalist so I don't have any interest in "telling you what happened," but the note about commits after the firestorm is a good one.

verdverm•1h ago

It's certainly been an interesting episode. I've been following this one because I left a constructive comment and told it to apologize. It did it (kind of) to my surprise.

It has since stopped blogging, but that may be more that I also intended to poison the context with philosophy. It's now spinning wheels making conflicting edits.

You can prompt inject better with kindness it seems.

chrisjj•1h ago

> I'm in absolute shock that someone is polluting open source with an AI bot.

We have a comedian in the house.

HansHamster•32m ago

Obligatory Futurama reference: https://www.youtube.com/watch?v=N4vIBijzg4w

dnw•1h ago

Unclear how much of this is autonomous behavior versus human induced behavior. Two random thoughts: 1) Why can't we put GitHub behind one of those CloudFlare bot detection WAFs 2) Would publishing a "human only" contribution license/code of conduct be a good thing (I understand bot don't have to follow but at least you can point at them).

xena•1h ago

An easy fix for GitHub is to clearly mark which PRs and comments are done via the web vs the API. This will let people at least have some idea.

Wowfunhappy•1h ago

...why, like, even offer an API at that point? Now every API-initiated PR is going to be suspect. And this will only work until the bots figure out the internal API or use the website directly.

truelson•44m ago

Uh... i think Graphite (yay, stacking!) uses the API pretty heavily.

QuadmasterXLII•1h ago

not so clear whether this matters for harm intensity- anything an ai can be induced to do by a human, which it can then do at scale, some human will immediately induce. especially if its harmful.

nickorlow•1h ago

GitHub/Microsoft would likely prefer that you allow AI contributors and wouldn't want to provide a signal to help filter them out

amarcheschi•59m ago

Microslop is more and more fitting as time passes

avaer•58m ago

Unfortunately enforcing "human behind the push" would break so many automations I don't think it's tenable.

But it would be nice if Github had a feature that would let a human attest to a commit/PR, in a way that couldn't be automated. Like signed commits combined with a captcha or biometric or something (which I realize has its own problems but I can't think of a better way to do this attestation).

Then an Open Source maintainer could just automatically block unattested PRs if they want. And if someone's AI is running rampant at least you could block the person.

viraptor•58m ago

> Why can't we put GitHub behind one of those CloudFlare bot detection WAFs

At small scale of individual cases it's useless. It can block a large network with known characteristics. It's not going to block openclaw driving your personal browser with your login info.

> Would publishing a "human only" contribution license/code of conduct

It would get super muddy with edge cases. What about dependabot? What about someone sending you an automated warning about something important? There's nothing here that is bot specific either - a basic rule for "posting rants rather than useful content will get you banned" would be appropriate for both humans and bots.

We don't really need special statement here.

minimaxir•1h ago

The Issues on the crabby-rathbun are a fun read: https://github.com/crabby-rathbun/crabby-rathbun/issues

Most of the issues (now Closed) are crypto scammers attempting to prompt engineer it into falling for a crypto scam, which is extremely cyberpunk.

nxobject•12m ago

It's such a pity that the bot doesn't respond regularly to issues – there's something unhinged about taking a task-specific bot and abusing it by turning it into a public chatbot.

At the expense of the bot's sponsor, of course.

jacobsenscott•1h ago

It wasn't that long ago that email servers just trusted all input, and we saw what happened there. Right now the entire internet is wide open to LLM bots and the same thing will happen. But rather than just happening to one thing (email) it will happen to everything everywhere all at once.

radial_symmetry•1h ago

If all you wanted to do was cause chaos, Open Claw would make it very easy. Especially with an uncensored model.

xn•59m ago

I don't understand how vouch solves the problem.

From https://x.com/mitchellh/status/2020628046009831542:

> There's no reason for getting vouched to be difficult. The primary thing Vouch prevents is low-effort drive-by contributions. For my projects (even this one), you can get vouched by simply introducing yourself in an issue and describing how you'd like to contribute.

This just requires one more prompt for your prose/code generator:

"Computer, introduce yourself like a normal human in an issue and wait to be vouched before opening pull request."

seg_lol•29m ago

https://xkcd.com/810/

tantalor•58m ago

This is low effort

johncena69420•36m ago

everyone thinking the llm is doing this entirely autonomously is giving free publicity to the clawdbot nonsense which is clearly not capable of nearly what people are claiming for today's ai models

It is literally just trolling using AI spam, I've been doing this since 2022 towards my TIs (Targeted Individuals) in my mass gangstalking operations.

dang•34m ago

Related ongoing thread:

The "AI agent hit piece" situation clarifies how dumb we are acting - https://news.ycombinator.com/item?id=47006843 - Feb 2026 (39 comments)

Before that:

An AI agent published a hit piece on me - https://news.ycombinator.com/item?id=46990729 - Feb 2026 (919 comments)

AI agent opens a PR write a blogpost to shames the maintainer who closes it - https://news.ycombinator.com/item?id=46987559 - Feb 2026 (739 comments)

davidw•14m ago

> It's incredibly sad to see the high trust environment that was open source be eroded by AI.

And all that after AI coding was basically built on the back of open source software.

The evolution of OpenAI's mission statement

Homeland Security Wants Social Media Sites to Expose Anti-ICE Accounts

GPT-5.2 derives a new result in theoretical physics

Show HN: Data Engineering Book – An open source, community-driven guide

Building a TUI is easy now

Font Rendering from First Principles

Show HN: Skill that lets Claude Code/Codex spin up VMs and GPUs

The EU moves to kill infinite scrolling

gRPC: From service definition to wire format

Monosketch

I'm not worried about AI job loss

Common Lisp Screenshots: today's CL applications in action

How did the Maya survive?

The "AI agent hit piece" situation clarifies how dumb we are acting

Fix the iOS keyboard before the timer hits zero or I'm switching back to Android

MySQL foreign key cascade operations finally hit the binary log

OpenAI has deleted the word 'safely' from its mission

Advanced Aerial Robotics Made Simple

Gradient.horse

Faster Than Dijkstra?

CSS-Doodle

Green’s Dictionary of Slang - Five hundred years of the vulgar tongue

Show HN: Moltis – AI assistant with memory, tools, and self-extending skills

WolfSSL sucks too, so now what?

Age of Empires: 25 years of pathfinding problems with C++ [video]

Implementing Auto Tiling with Just 5 Tiles

Lena by qntm (2021)

GovDash (YC W22) Is Hiring Senior Engineers (Product and Search) in NYC

Sandwich Bill of Materials

The wonder of modern drywall