how it works

How SlopGuard works

A webhook comes in; seconds later the PR has a score, a label, and a review comment. No CI to wire up, no server to run.

the triage pipelinefig.00
PR / ISSUE → SCORE
01the pipeline

From event to action

1event
GitHub sends the event

A PR or issue is opened, updated, or commented on.

pull_requestissuesissue_comment
2detection agent
Three signals, one score
Rule heuristics, boilerplate, emoji-marketing headers, empty body, prompt-injection
Provenance, generator hints, a prompt fingerprint, leaked assistant phrases
LLM judge (optional), degrades to heuristics on rate limits
blended, clamped 0 to 100
3policy gate
Your threshold decides

The score is checked against your .github/SLOP_POLICY.yml.

below: nothing happensat or above: act
4you decide
Labelled, never auto-closed

A slop-quarantine label and a review comment with the reasons. You always have the final word.

/slop approverejectfalse-positive
02try it

You set the threshold

live demo: the slop-score gatefig.02
Drag the thresholdthreshold 50 / 100
quarantined 2passed silently 3
  • PR #218Bump dependencies to latest16pass
  • PR #241Refactor the auth callback43pass
  • #312Feature request, clear repro28pass
  • PR #233Add 12 emoji-headed doc pages79quarantine
  • PR #239Rewrite README (machine-generated)93quarantine

At or above the threshold SlopGuard adds a label and a review comment. Below it, it stays silent. You set the line; a human always has the final word.

03step by step

The full flow

  1. 1SlopGuard receives the pull_request / issues / issue_comment event. Untrusted text is isolated with per-request nonce markers.
  2. 2Rule signals (boilerplate, emoji-marketing headers, empty body, giant unfocused diffs, prompt-injection) run first; the LLM judge is optional and falls back gracefully on rate limits.
  3. 3Provenance extraction looks for generator hints, a prompt fingerprint, and leaked assistant phrases. Score is blended and clamped 0-100.
  4. 4Below your threshold nothing happens. At or above it, the slop-quarantine label and a review comment with the reasons are posted.
  5. 5You reply with a slash command. Reject closes it as your explicit action; approve clears it; false-positive opens a tuning issue.
Install the GitHub App

Free for public repos. One click, no config.