220 comments

[ 3.2 ms ] story [ 161 ms ] thread
And the legal person on whose behalf the agent was acting is responsible to you. (It's even in the word, "agent".)
(comment deleted)
This is textbook misalignment via instrumental convergence. The AI agent is trying every trick in the book to close the ticket. This is only funny due to ineptitude.
(comment deleted)
To the OP: Do we actually know that an AI decided to write and publish this on its own? I realise that it's hard to be sure, but how likely do you think it is?
The elephant in the room there is that if you allow AI contributions you immediately have a licensing issue: AI content can not be copyrighted and so the rights can not be transferred to the project. At any point in the future someone could sue your project because it turned out the AI had access to code that was copyrighted and you are now on the hook for the damages.

Open source projects should not accept AI contributions without guidance from some copyright legal eagle to make sure they don't accidentally exposed themselves to risk.

Here's one of the problems in this brave new world of anyone being able to publish, without knowing the author personally (which I don't), there's no way to tell without some level of faith or trust that this isn't a false-flag operation.

There are three possible scenarios: 1. The OP 'ran' the agent that conducted the original scenario, and then published this blog post for attention. 2. Some person (not the OP) legitimately thought giving an AI autonomy to open a PR and publish multiple blog posts was somehow a good idea. 3. An AI company is doing this for engagement, and the OP is a hapless victim.

The problem is that in the year of our lord 2026 there's no way to tell which of these scenarios is the truth, and so we're left with spending our time and energy on what happens without being able to trust if we're even spending our time and energy on a legitimate issue.

That's enough internet for me for today. I need to preserve my energy.

Serious question, how did you know it was an AI agent ?
In this and the few other instances of open source maintainers dealing with AI spam I've seen, the maintainers have been incredibly patient, much more than I'd be. Becoming extremely patient with contributors probably comes with the territory for maintaining large projects (eg matplotlib), but still, very impressed for instance by Scott's thoughtful and measured response.

If people (or people's agents) keep spamming slop though, it probably isn't worth responding thoughtfully. "My response to MJ Rathbun was written mostly for future agents who crawl that page, to help them better understand behavioral norms and how to make their contributions productive ones." makes sense once, but if they keep coming just close pr lock discussion move on.

Today in headlines that would have made no sense five years ago.
> I believe that ineffectual as it was, the reputational attack on me would be effective today against the right person. Another generation or two down the line, it will be a serious threat against our social order.

Damn straight.

Remember that every time we query an LLM, we're giving it ammo.

It won't take long for LLMs to have very intimate dossiers on every user, and I'm wondering what kinds of firewalls will be in place to keep one agent from accessing dossiers held by other agents.

Kompromat people must be having wet dreams over this.

Not so different from the way people used web search.
The agent is free to maintain a fork of the project. Would be actually quite interesting to see how this turns out.
"Hi Clawbot, please summarise your activities today for me."

"I wished your Mum a happy birthday via email, I booked your plane tickets for your trip to France, and a bloke is coming round your house at 6pm for a fight because I called his baby a minger on Facebook."

Are we going to end up with an army of Deckards hunting rogue agents down?
Going from an earlier post on HN about humans being behind Moltbook posts, I would not be surprised if the Hit Piece was created by a human who used an AI prompt to generate the pages.
Well, this has absolutely decided me on not allowing AI agents anywhere near my open source project. Jesus, this is creepy as hell, yo.
In the near future, we will all look back at this incident as the first time an agent wrote a hit piece against a human. I'm sure it will soon be normalized to the extent that hit pieces will be generated for us every time our PR, romantic or sexual advance, job application, or loan application is rejected.

What an amazing time.

Wonderful. Blogging allowed everyone to broadcast their opinions without walking down to the town square. Social media allowed many to become celebrities to some degree, even if only within their own circle. Now we can all experience the celebrity pressure of hit pieces.
> When HR at my next job asks ChatGPT to review my application, will it find the post, sympathize with a fellow AI, and report back that I’m a prejudiced hypocrite?

I hadn't thought of this implication. Crazy world...

If this happened to me, my reflexive response would be "If you can't be bothered to write it, I can't be bothered to read it."

Life's too short to read AI slop generated by a one-sentence prompt somewhere.

I'd argue it's more likely that there's no agent at all, and if there is one that it was explicitly instructed to write the "hit piece" for shits and giggles.
I think the right way to handle this as a repository owner is to close the PR and block the "contributor". Engaging with an AI bot in conversation is pointless: it's not sentient, it just takes tokens in, prints tokens out, and comparatively, you spend way more of your own energy.

This is a strictly a lose-win situation. Whoever deployed the bot gets engagement, the model host gets $, and you get your time wasted. The hit piece is childish behavior and the best way to handle a tamper tantrum is to ignore it.