An open experiment in detecting automation patterns on GitHub.
AgentScan analyzes a GitHub account's public activity and scores it based on how much it appears to rely on automation. There's no AI involved, just event analysis, powered by identity. The results are indicators, not verdicts: a starting point for your own judgment, not a final answer.
Scores aren't bulletproof. Sophisticated automated accounts can slip through, and legitimate developers can occasionally trigger false positives. To help with that, AgentScan also maintains a curated list of manually verified accounts, submitted by the community and reviewed by maintainers before being merged in.
The same analysis that powers the website can run directly against your repository, so you can catch automated activity on your own pull requests. You can keep it as light as just tagging PRs with the account's classification, or go further and have certain classifications auto-closed.
If you've found a GitHub account you believe is automated, you can submit it for review.
Please only submit accounts you have reasonable evidence for. Submissions without supporting context will be closed.
If your account has been flagged and you believe it was done in error:
We take wrongful classifications seriously. The goal is accuracy, not accusation.
Contributions are welcome. If you find something that doesn't work or have an idea for something that works better, open an issue or a pull request.
For local development setup, see CONTRIBUTING.md.
I didn't expect to build this website, but ended up creating it after reading multiple articles and seeing open source maintainers struggling with AI agents targeting their projects.
This is an ongoing experiment. Scores may be inaccurate. Use them as a starting point, not a conclusion.
$ claude mcp add agentscan \
-- python -m otcore.mcp_server <graph>