Yeah, this is a real issue. A few weeks ago during the LiteLLM vulnerability the attacker left hundreds of bot comments under the issue to bury the conversation: https://github.com/BerriAI/litellm/issues/24512

There has to be fundemntally new features from GitHub to fight the AI slop. Or OSS projects are extremely difficult to manage