Identifying potential automation patterns in GitHub accounts
This is the core logic behind AgentScan, an app I didn’t expect to build, but ended up creating after reading this article about open source projects being targeted by AI agents.
It applies an opinionated scoring system to GitHub activity signals to classify accounts as human, bot, or potentially suspicious.
The results are indicators, not verdicts. There’s no AI involved, just event analysis looking for patterns that feel a little off.
In case you don’t know what is a Voight-Kampff test watch here
npm install voight-kampff-test
import { identifyReplicant } from "voight-kampff-test";
const user = {}; // <-- `https://api.github.com/users/${username}`
const events = []; // <-- `https://api.github.com/users/${username}/events?per_page=100`
const analysis = identifyReplicant({
createdAt: user.created_at,
reposCount: user.public_repos,
accountName: user.login,
events,
});
Please drop an issue, if you find something that doesn’t work, or have an idea for something that works better.
We use cookies to analyze traffic and improve your experience. You can accept or reject analytics cookies.