"Parasitic compute" is strange way to describe "a user running dev workflows on their own GitHub Actions allocation"
when you run ghost, it creates a "ghostbox" - an ephemeral machine on your GitHub account, on your GitHub actions minutes, accessible only by your SSH identity. It's orchestration around GitHub's infra.
Proprietary software built on GitHub is not exactly an unusual category.
I don't believe in releasing source anymore after years of doing it. It's closed source, Rust binary, proprietary but free software offered as a utility. It's the same patterns as used by coding agents and many other CLI tools.
So, your threat model is that I’m really building my business and reputation by creating illegal, criminal malware? Ponder that, is that really a plausible thing to you? You think that about me?
No, I only use open source agents, weird of you to assume that I would make an exception just for agents. My threat model is that trust is earned, not given away to complete strangers who act hostile to simple inquiries.
I was sincerely interested in why you were choosing closed source, you decided to take it as an attack.
No-one knows who you are, and you’re clearly not against using something like GH Actions in a way other than its intended purpose. What’s to say you won’t pivot to running a tiny VM on my machine and making it available to others?
Yeah, I think that's what the program creates in your github account. I see the source to those files embedded in the executable. (I'm not running the executable, but I downloaded the linux one to my mac to take a look inside.)
And abracadabra - it will return. That's just the crowd madness leading folks from this very thread to abuse the flag/report button on GitHub repo to get it auto-disabled.
I trust it will resurrect once GitHub gets around to inspecting.