惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
aimingoo的专栏
aimingoo的专栏
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Tailwind CSS Blog
J
Java Code Geeks
博客园_首页
Google Online Security Blog
Google Online Security Blog
Hugging Face - Blog
Hugging Face - Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
I
Intezer
P
Palo Alto Networks Blog
V
Vulnerabilities – Threatpost
雷峰网
雷峰网
O
OpenAI News
SecWiki News
SecWiki News
小众软件
小众软件
酷 壳 – CoolShell
酷 壳 – CoolShell
美团技术团队
N
News | PayPal Newsroom
Project Zero
Project Zero
Forbes - Security
Forbes - Security
IT之家
IT之家
A
Arctic Wolf
WordPress大学
WordPress大学
Jina AI
Jina AI
T
Tor Project blog
博客园 - 三生石上(FineUI控件)
S
Secure Thoughts
Google DeepMind News
Google DeepMind News
Attack and Defense Labs
Attack and Defense Labs
博客园 - 聂微东
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy International News Feed
Cloudbric
Cloudbric
G
GRAHAM CLULEY
博客园 - 叶小钗
H
Hacker News: Front Page
腾讯CDC
量子位
Help Net Security
Help Net Security
人人都是产品经理
人人都是产品经理
C
Cyber Attacks, Cyber Crime and Cyber Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
宝玉的分享
宝玉的分享
爱范儿
爱范儿
L
Lohrmann on Cybersecurity
Hacker News - Newest:
Hacker News - Newest: "LLM"
Recorded Future
Recorded Future
C
CERT Recently Published Vulnerability Notes

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
6 Million Fake GitHub Stars: How to Vet Open-Source AI Tools Before You Bet on Them
b-man · 2026-05-27 · via Hacker News - Newest: "AI"

Your team finds a promising AI agent framework on GitHub. It has 12,000 stars, an active-looking README, and a Discord link. The CTO greenlights a proof-of-concept. Three months later the project is abandoned, the maintainer vanishes, and someone on Hacker News points out that 70% of those stars came from bot accounts created in the same week. You are now maintaining a fork of a dead project as a core dependency. This scenario is not hypothetical. A peer-reviewed study from Carnegie Mellon University, presented at ICSE 2026, found approximately 6 million fake stars distributed across 18,617 repositories by roughly 301,000 accounts. AI and LLM repositories were the largest non-malicious category of recipients. If your organization is evaluating open-source AI tools, the star count on the repo page is one of the least reliable signals you can use.

Why Are GitHub Stars Unreliable as a Quality Signal?

A GitHub star is a one-click, zero-commitment gesture. It does not mean the person who starred a repository has read the code, used the tool, or even cloned the repo. It is closer to a social media "like" than a product endorsement. Yet stars have become the default shorthand for open-source credibility, appearing in pitch decks, vendor comparison spreadsheets, and internal tool evaluations. The gap between what stars measure (casual interest) and what teams use them to infer (adoption, quality, community health) is where the manipulation lives.

The CMU study used a tool called StarScout to analyze 20 terabytes of GitHub metadata (6.7 billion events and 326 million stars from 2019 to 2024). By mid-2024, 16.66% of all repositories with 50 or more stars were involved in fake star campaigns. That number was near zero before 2022. The researchers confirmed their detection accuracy: 90.42% of flagged repositories and 57.07% of flagged accounts had been deleted by January 2025, meaning GitHub itself recognized these as illegitimate.

The incentive structure makes the problem worse. Venture capital firms explicitly use star counts as sourcing signals. Jordan Segall at Redpoint Ventures published an analysis of 80 developer tool companies showing that the median GitHub star count at seed financing was 2,850 and at Series A was 4,980. He confirmed that "many VCs write internal scraping programs to identify fast growing GitHub projects for sourcing." When stars convert directly into investor attention, the financial incentive to inflate them is obvious.

How Does the Star-Buying Market Work?

Stars sell for $0.03 to $0.85 each on at least a dozen websites, Fiverr gigs, and Telegram channels. No dark web access required. Budget services ($0.03 to $0.10 per star) use disposable new accounts that deliver in days. Premium services ($0.80 to $0.90 per star) use aged accounts with years of activity history, delivering gradually to mimic organic growth. Some vendors offer 30-day replacement guarantees and formal APIs for programmatic purchasing.

The fingerprints are consistent. Independent analysis of manipulated repos found that 36% to 76% of stargazers have zero followers and zero public repositories. These are not new developers casually exploring GitHub. They are empty shells, many with account ages over 1,000 days (purchased or farmed specifically for star campaigns), designed to pass simple "young account" filters. The accounts star but do not fork, do not file issues, and do not watch for updates. They exist to increment a counter.

The economics are striking. At seed-round median benchmarks of 2,850 stars, manufacturing that number costs $85 to $285 using budget services. A typical seed round unlocks $1 million to $10 million in funding. The return on investment for purchased credibility ranges from 3,500x to 117,000x. For an AI startup facing pressure to demonstrate traction, the math is unfortunately compelling.

How Do You Spot a Repo With Inflated Stars?

No single metric proves manipulation, but a combination of weak signals creates a clear picture. Here are the heuristics that matter most, drawn from both the CMU research and independent analyses of known-organic versus known-manipulated repositories.

Fork-to-star ratio. This is the strongest simple heuristic. A fork means someone downloaded the code to use or modify it. A star costs nothing. Healthy, actively used projects show fork-to-star ratios between 10% and 25%. Flask (71,000 stars) has a ratio of 23.5%. LangChain (133,000 stars) is at 15.5%. Projects with confirmed manipulation campaigns routinely fall below 5%. One repo with 157,000 stars had a fork-to-star ratio of 1.7%, meaning almost nobody who starred it ever used it. If you see a repo with 10,000+ stars and a fork-to-star ratio below 5%, that warrants a closer look.

Watcher-to-star ratio. Watchers are people who subscribe to notifications on a repo because they depend on it. This is an even higher-commitment signal than forks. Organic projects average 0.5% to 3% watchers per star. One heavily manipulated repo with 157,000 stars had only 168 watchers (0.1%), meaning for every 1,000 people who starred it, roughly one actually cared about updates. That ratio is 26x lower than Flask.

Star velocity versus commit velocity. A genuine surge in stars usually follows a release, a conference talk, a Hacker News front page, or a mention by a prominent developer. A spike of 2,000 stars in a week with no corresponding activity, release, or press coverage is suspicious. Cross-reference star growth charts (available through third-party tools like star-history.com) with the project's commit log and news mentions.

Contributor depth. How many people have committed more than once? A single-contributor project with 8,000 stars may be a talented solo developer, but it also means the entire project depends on one person's continued interest. Combine low contributor depth with suspicious star patterns and you have a higher-risk dependency.

Issue and PR activity. Real adoption generates real issues. Production users file bug reports about edge cases, request features based on actual workflows, and submit patches. If the Issues tab on a 15,000-star repo is empty, or every issue is from the maintainer, the community signal is hollow. Compare the volume and quality of issues against similar projects in the same category.

What Should a Due Diligence Checklist for Open-Source AI Tools Include?

Before your team builds on any open-source AI project as a core dependency, run through these ten checks. None of them requires special tooling. All of them are available from the GitHub UI, the project's package registry, and five minutes with the README.

  1. Maintenance pulse. When was the last commit? What is the release cadence? How long do issues stay open before a response? A project with no commits in 90 days is a risk regardless of star count. Check the "Pulse" and "Contributors" tabs on GitHub for a quick read.
  2. Bus factor. How many maintainers have committed in the last 6 months? Single-maintainer projects are single points of failure. If the sole maintainer gets a new job, loses interest, or burns out, your dependency becomes your problem.
  3. License compatibility. Confirm the license works for your use case. Some popular AI repos use non-commercial, AGPL, or "source available" licenses that create legal problems in production deployments. Read the actual LICENSE file, not the badge in the README.
  4. Dependency chain depth. What does the project pull in? A lightweight wrapper around a fragile chain of unmaintained transitive dependencies is not "simple." Run the dependency tree and check the health of the top 5 transitive dependencies.
  5. Security posture. Does the project have a SECURITY.md? Do they publish CVEs or advisories? Is there a responsible disclosure process? For AI agent frameworks that execute code, the security posture of the project itself is load-bearing.
  6. Community health metrics. Ratio of external contributors to maintainers, response time on issues, PR review cadence. A project where every PR sits unreviewed for weeks is not ready for production use, regardless of how many stars it has.
  7. Documentation maturity. Production-ready projects have migration guides, API stability policies, and deprecation notices. README-only docs signal early stage. If you cannot find a changelog or upgrade guide, assume breaking changes will arrive without warning.
  8. Corporate backing versus hobby project. Neither is automatically better, but knowing which one you are adopting changes your risk calculus. A VC-backed project might pivot. A hobby project might stall. Both are valid concerns that require different mitigation strategies.
  9. Star audit. Run the fork-to-star, watcher-to-star, and contributor-depth checks from the section above. A five-minute check that can save months of wasted integration work.
  10. Exit cost. How hard is it to migrate away? Projects that implement standard interfaces (OpenAI-compatible APIs, standard protocols like MCP or A2A) have lower lock-in. Projects with proprietary abstractions that touch every layer of your stack are expensive to leave. Scale your diligence effort to the coupling depth.

Why Does This Matter More for AI Agent Projects?

AI agent frameworks are the fastest-growing category on GitHub right now. They are also the newest, which means less track record, fewer battle-tested releases, and a higher proportion of projects that have not yet survived their first major version upgrade. The CMU study confirmed this: AI/LLM repositories received 177,000 suspected fake stars, making them the largest non-malicious category of manipulation. For background on what these systems actually do, see our guide on what AI agents are and how they work.

The blast radius of an agent framework dependency is higher than a typical library. If a UI component library is abandoned, you have a cosmetic problem. If an AI agent framework is abandoned, you have autonomous processes running on your infrastructure with no upstream security patches, no compatibility updates when model providers change their APIs, and no community to help you debug production issues. The security implications of running agents as processes compound this: a framework vulnerability in an agent that has file system access, API keys, and network connectivity is a different class of problem than a bug in a charting library.

There is also a legal dimension that most teams have not considered. The FTC finalized a rule in October 2024 explicitly banning fake indicators of social media influence for commercial purposes, with penalties up to $53,088 per violation. The SEC has already charged startup founders for inflating traction metrics during fundraising (HeadSpin's CEO faced wire fraud charges for misrepresenting metrics to investors). If a vendor inflated their GitHub presence as part of a sales process, and you relied on that metric in a procurement decision, the credibility problem extends beyond the technical. For organizations in regulated industries, vendor credibility is not just a technical concern.

What Are the Real Signals That an Open-Source AI Project Is Production-Ready?

The fix is straightforward: stop treating vanity metrics as substance metrics. Here is a side-by-side comparison of what teams commonly look at versus what actually correlates with project health and longevity.

Vanity signalSubstance signal
Star countFork-to-star ratio + external contributor count
"Trending on GitHub"Consistent commit cadence over 12+ months
VC funding announcementPublic roadmap with shipped milestones
Blog post hype / viral tweetProduction case studies with named companies
Discord member countIssue response time under 48 hours
Package download countNumber of dependent projects in production

Bessemer Venture Partners, one of the firms that actually tracks this rigorously, calls stars "vanity metrics" and instead tracks unique monthly contributor activity (anyone who created an issue, comment, PR, or commit). Their research found that fewer than 5% of the top 10,000 projects ever exceeded 250 monthly contributors, and only 2% sustained it across six months. That kind of sustained engagement is almost impossible to fake.

Package downloads are also manipulable. A developer demonstrated this by using a single AWS Lambda function on the free tier to push a package to nearly 1 million npm downloads per week, surpassing legitimate packages. The CMU study confirmed that of repos with fake star campaigns that appeared in package registries, 70.46% had zero dependent projects. Downloads without dependents is the package-manager equivalent of stars without forks.

How Should This Change Your AI Vendor Evaluation Process?

If your organization is evaluating AI tools, whether open-source frameworks or commercial products that cite open-source traction as proof of market fit, here are four concrete changes to make.

When a vendor cites GitHub stars in a pitch deck, ask for fork counts, contributor counts, and issue response times instead. Any vendor with genuine community adoption will have these numbers readily available. A vendor that can only point to stars is either unaware of the problem (a yellow flag) or hoping you are (a red one).

When evaluating an open-source AI tool internally, require a lightweight technical review. Not a multi-week audit, but 30 minutes with the checklist above. The review should answer: is this project actually maintained, is the community real, and what is our exit cost? Do not let the decision rest on a developer saying "it has a lot of stars."

Build a dependency risk register for your AI stack. Track the maintenance status of your core open-source dependencies quarterly. A project that was healthy six months ago can lose its primary maintainer and go dormant in a month. Catching that early gives you time to plan a migration rather than scrambling after a security disclosure with no upstream fix.

Scale your diligence to coupling depth. A utility library you call in one place is a low-risk dependency. An agent framework that structures your entire AI workflow, manages prompts, orchestrates tool calls, and handles state is a high-risk dependency. The due diligence bar should match how expensive it would be to replace the tool if the project dies or pivots in an incompatible direction.

The star economy exists because the platforms, investors, and evaluators have not caught up to the manipulation. GitHub has not implemented weighted popularity metrics. Most VCs still scrape raw star counts. Most internal evaluations still treat stars as a credible signal. Until that changes, the responsibility falls on the teams making the adoption decisions. A five-minute check of fork ratios, watcher counts, and contributor depth is not a comprehensive audit, but it catches the most egregious cases that raw star counts miss entirely.

Frequently Asked Questions

How many GitHub stars are fake?

A peer-reviewed CMU study (ICSE 2026) identified approximately 6 million fake stars across 18,617 repositories, generated by roughly 301,000 accounts. By mid-2024, 16.66% of all repositories with 50 or more stars were involved in fake star campaigns. The study found that 90% of flagged repositories were eventually deleted by GitHub, confirming the detection accuracy.

How much does it cost to buy GitHub stars?

Marketplace prices range from $0.03 to $0.85 per star depending on volume and account quality. Budget services use disposable new accounts. Premium services use aged accounts with some activity history, making them harder to detect algorithmically. At the low end, manufacturing a seed-round-credible star count of 2,850 costs under $200.

Is it illegal to buy GitHub stars?

The FTC finalized a rule in 2024 banning fake indicators of social influence, including fake followers and engagement metrics, with penalties up to $53,088 per violation. While no enforcement action has targeted GitHub stars specifically, the rule covers any platform metric used to suggest popularity or endorsement in a commercial context. If inflated stars are cited during a fundraising pitch, the SEC wire fraud framework may also apply.

What is a healthy fork-to-star ratio on GitHub?

Most healthy, actively used projects show a fork-to-star ratio between 10% and 25%. Flask (71,000 stars) has a ratio of 23.5%. Ratios below 5% on repos with thousands of stars warrant closer inspection, as bot accounts typically star without forking. The watcher-to-star ratio is an even stronger signal: organic projects average 0.5% to 3%, while heavily manipulated repos can drop to 0.1% or lower.

Are AI and LLM repos more likely to have fake stars?

Yes. The CMU study found AI/LLM repositories to be the largest non-malicious category receiving fake stars, with 177,000 suspected fake stars. The combination of venture capital funding pressure, hype-driven adoption cycles, and the relative newness of most AI tool projects creates stronger incentives for star manipulation and lower detection risk compared to mature software categories.

How do I evaluate an open-source AI agent framework before building on it?

Check maintenance cadence (last commit date, release frequency), contributor depth (number of people who have committed more than once), fork-to-star and watcher-to-star ratios, issue response time, license compatibility, dependency chain health, and exit cost. No single metric is conclusive. The pattern of multiple healthy signals across these dimensions is what distinguishes production-ready projects from inflated ones. Require a lightweight technical review before committing to any framework as a core dependency.