SlopGuard scores every incoming PR and issue for low-effort, machine-generated slop, tags its provenance, and quarantines it, then leaves the final call to a human.
# open source, MIT, never auto-closes, free for public repos
Install on a repo or org in one click. No Action YAML, no CI config, no secrets to wire.
Quarantine label + review comment only. Nothing is ever closed without an explicit maintainer command.
Flags generator hints, a prompt fingerprint, and leaked assistant phrases like “As an AI model…”.
Thresholds, labels, allowlists, and comment templates live in your repo. Reviewed like any other change.
Heuristics-only mode runs with zero API keys, and still hits 100% precision on the golden set.
State lives in GitHub labels and issues. Self-host the entire thing, it’s MIT licensed.
A webhook fires, the detection agent runs, and you get a score, a label, and a review comment, within seconds.
A PR or issue is opened. GitHub calls /api/webhook.
The agent runs static heuristics (boilerplate, emoji headers, empty body, prompt-injection) plus an optional LLM judge.
It scores 0–100, extracts provenance, and applies your .github/SLOP_POLICY.yml.
At or above your threshold → slop-quarantine label + a review comment explaining why.
A maintainer replies /slop approve, /slop reject, or /slop false-positive. SlopGuard never decides for you.
An actual machine-generated PR opened on SlopGuard's own repository. It was scored, labeled slop-quarantine, and given a review comment with provenance. The maintainer stays in control with /slop approve, reject, or false-positive.
The code is free to self-host forever. Paid tiers cover the managed LLM bill, private repos, and org controls. Checkout is handled by Polar as Merchant of Record.
For individuals and public repos. Forever free.
For maintainers with private repos and higher limits.
For organizations that need controls and visibility.
Prefer to run it yourself? Everything is open source. self-host for free.