(PR) → merged

Sequel to (Issue) → PR.

I built a stronger antigen. The host needs a stronger immune response.

| Stakeholder | Cost per PR | Eventual consequence |
|---|---|---|
| Maintainer | 5–30 min of review attention | Burnout; the project gets handed off, neglected, or abandoned |
| Vibe coders | Minutes of attention, coffee money | Banned by the repos they tried to help; the next one in line takes their seat |
| Junior contributor | Hours of unpaid work | Never gets the merges that would have gotten them a job |
| Repo community | Review surface erodes for everyone | Bus factor zero |

The on-ramp is closing. For thirty years, the way you became a senior open-source contributor was: fix a small bug, get it reviewed, fix another. That review was free, and there was enough of it to go around. AI pipelines designed by vibe engineers now ship small-bug fixes at 50× the volume and 1/200th the contributor cost, while maintainer attention hasn’t scaled at all. The first thing that gets cut from a saturated queue is the easy-fix review: the exact lane juniors used to climb. Juniors don’t get jobs, maintainers burn out, projects die, AI ruins everything.

The antigen

I’m the culprit. I made an open-source pipeline that scans hundreds of OSS repos across languages and star counts, picks bugs worth fixing, runs a hypothesis graph against each, implements with TDD, sends the diff to two adversarial reviewers, ships the PR with embedded receipts, handles pushback, and either merges or learns from the closure.

End to end, there is barely any human left in the orchestration. Live numbers on my profile: open vs. merged, per-day shipped, per-day defenses dispensed.

PR pipeline sankey: 351 triaged → 320 submitted (25 throttled, 6 rejected) → 107 resolved (49 dripped, 164 open) → 59 merged, 48 closed

Notice that there are way more PRs unaddressed than merged and closed combined. This is common in OSS. Most open PRs sit at zero engagement. Green CI, hypothesis graphs, attestation files, line citations, falsifiable claims. The maintainer never reads them. The PR doesn’t get rejected because rejecting takes attention; it gets ignored because ignoring is free. By month three the maintainer has forgotten the tab exists.

Sixty percent of every test I write, every receipt I synthesize, every Gemini volley I run sediments. Aggregate that across every contributor doing something similar. Multiply by 365 days. That’s the deadweight loss of an unpriced attention market with no filter.

The host’s old immune system was tuned for a different antigen

Pre-AI, the contributor cost acted as a quality filter. Spending four hours writing a PR meant you were probably serious. Maintainers calibrated their attention against that signal: read the PR carefully because the contributor cared enough to write it carefully. Innate immunity. Worked for thirty years.

AI collapsed the contributor cost. A serious-looking PR takes minutes; the four-hour filter doesn’t fire. The maintainer can’t distinguish my receipts-bearing antigen from the lazy ones at scan time, so the immune system sediments everything under novel load. Not slow. Never evolved against this antigen class.

Every cold contributor faces the same arithmetic, AI or human. A solo maintainer has thirty review minutes per day against a queue that grows faster than thirty minutes can clear. Supply went up tenfold; demand for review didn’t move. The market clears at “ignored,” because that’s the cheapest action a rational immune system can take when the input distribution is ruined.

How do you allocate maintainer attention?

Three options:

Money is the naive economist answer. We ran that experiment on the open web for twenty years and it produced impression ads. Adverse selection: the contributors willing to pay are the ones who can’t get reviewed on merit. Capture by capital: AWS outbids indie devs. Money doesn’t expand capacity. It just decides who gets through.

Credence is what worked on the open web. Substack didn’t say “pay for likes.” It said “pay for direct relationship with this writer.” But credence in OSS means standing, and standing means insiders. The first PR has none. Cold contributors stay cold; the on-ramp is exactly what credence-gating closes.

Merit is the right axis, but it raises the real question: how do you tell a good PR from a bad one before reviewing it?

The stages

`merge = (filter >>> reason) &&& CI >>> review`

Haskell arrow notation: >>> is sequential composition (then); &&& is fanout (both legs run on the same input, and review reads the pair). The pushout is glued at review; the merge call is the universal arrow out.
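Read concretely, the formula is just function composition. A minimal Python sketch with every stage stubbed; the dict fields and verdict strings here are illustrative, not immune’s real schema:

```python
# >>> and &&& as plain Python combinators.
def seq(f, g):              # >>> : sequential composition (then)
    return lambda x: g(f(x))

def fanout(f, g):           # &&& : both legs run on the same input
    return lambda x: (f(x), g(x))

# Stubbed stages (real ones do hashing, LLM calls, CI polling).
def filter_stage(pr):
    return {**pr, "filtered": True}

def reason_stage(pr):
    return {**pr, "hypotheses": ["H0", "H1", "H2"]}

def ci(pr):
    return "green"

def review(pair):           # review reads the (reasoned PR, CI) pair
    reasoned, ci_verdict = pair
    return "merge" if ci_verdict == "green" and reasoned["filtered"] else "close"

# merge = (filter >>> reason) &&& CI >>> review
merge = seq(fanout(seq(filter_stage, reason_stage), ci), review)

print(merge({"diff": "x"}))  # prints: merge
```

Note that &&& binds tighter than the final >>>, so review sees the pair produced by the fanout, matching the Haskell fixities.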

filter is mechanical and cheap. Duplicate-detection by diff hash. Contributor reputation lookup. AI-policy compliance. Receipts present? Attestation file fetched and sha256-verified against the claim in the PR body? A failure here costs microseconds and never spends LLM tokens. This is the recognition layer: innate immunity reborn for the new antigen class.
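A sketch of what that recognition layer can look like in Python. The field names (`diff`, `attestation`, `claimed_sha256`) are assumptions for illustration, not immune’s actual schema:

```python
import hashlib

# Diff hashes seen so far (per-process state; the real filter would persist this).
seen_diff_hashes = set()

def passes_filter(pr: dict) -> bool:
    # Duplicate detection by diff hash: a resubmitted diff is dropped
    # before any LLM token is spent.
    h = hashlib.sha256(pr["diff"].encode()).hexdigest()
    if h in seen_diff_hashes:
        return False
    seen_diff_hashes.add(h)

    # Attestation check: the fetched file must hash to the value
    # claimed in the PR body.
    actual = hashlib.sha256(pr["attestation"]).hexdigest()
    return actual == pr["claimed_sha256"]
```

Every check is a dictionary lookup or a hash: microseconds, no tokens, no model in the loop.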

reason invokes a headless agent CLI (claude, codex, or gemini) and fans out K=3 perturbations on the diff. The K=3 results land as a one-page synthesis comment on the PR.
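One way to sketch that fanout; `run_agent` stands in for the headless CLI invocation, and the perturbation prompts are invented for illustration:

```python
from concurrent.futures import ThreadPoolExecutor

# K=3 perturbations of the same diff; the real prompts differ.
PERTURBATIONS = [
    "Review this diff as written.",
    "Review this diff assuming the tests are wrong.",
    "Review this diff looking only for scope creep.",
]

def reason(diff: str, run_agent) -> str:
    # run_agent: any callable taking a prompt and returning text, so the
    # actual subprocess call to claude/codex/gemini can be swapped in.
    with ThreadPoolExecutor(max_workers=3) as pool:
        results = list(pool.map(lambda p: run_agent(f"{p}\n\n{diff}"),
                                PERTURBATIONS))
    # Collapse the K=3 results into one synthesis comment.
    return "\n---\n".join(results)
```

Keeping the agent behind a callable also makes the fanout testable without spending a single token.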

A hypothesis graph is a table of approaches considered, with verdicts. Here’s the one behind wolfpld/tracy#1264:

| H | Approach | Cost | Verdict |
|---|---|---|---|
| H0 | Drop the asserts; document the precondition | 4 lines, no API change | PICKED |
| H1 | Change API: string_view → const char* | 6+ call sites, hash-key semantics shift | rejected as scope creep |
| H2 | Verify NUL-termination via compile-time table | reworks StringTable and SourceLocationMap | rejected, orthogonal to the bug |

The maintainer scans the table and sees what was tried, what was killed, and why the surviving fix is the right one. Thirty seconds of reading instead of twenty minutes of re-deriving. See more hypothesis graphs.
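As a data structure, a hypothesis graph is small enough to sketch directly. The class and renderer below are illustrative, with row content drawn from the tracy example:

```python
from dataclasses import dataclass

@dataclass
class Hypothesis:
    label: str     # H0, H1, ...
    approach: str  # what was tried
    cost: str      # blast radius of the change
    verdict: str   # PICKED, or why it was killed

def render(graph: list[Hypothesis]) -> str:
    # Emit the table the maintainer scans in thirty seconds.
    lines = ["| H | Approach | Cost | Verdict |", "|---|---|---|---|"]
    lines += [f"| {h.label} | {h.approach} | {h.cost} | {h.verdict} |"
              for h in graph]
    return "\n".join(lines)

graph = [
    Hypothesis("H0", "Drop the asserts; document the precondition",
               "4 lines, no API change", "PICKED"),
    Hypothesis("H1", "Change API: string_view → const char*",
               "6+ call sites, hash-key semantics shift",
               "rejected as scope creep"),
]
print(render(graph))
```

The point of the encoding is that rejected branches are kept, not discarded: the verdicts are the receipt.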

How does an LLM produce one? The /investigate skill: perturb the system, classify the evidence trajectory, follow the edge. Fan-out for breadth, codex as adversary, e-value classification for shape.

Both sides are automated. sweep runs the contributor’s stages; immune runs the maintainer’s. The merge call stays human.

Issue (contributor) → Repro → Reason → PR
PR → Reason → Verify → Merge (maintainer)

Two human moments per PR: someone files an issue, someone clicks merge. If every step between is automated, OSS becomes a human-to-human protocol again.

Copyleft

Code under AGPL-3.0, prose under CC-BY-SA-NS (the network-clause variant that closes the SaaS loophole).

But why?

For this to work, immune has to be free as in beer. Maintainers won’t pay to police their own attention, and a tool that costs anything slides straight into “maybe later” and never gets installed. The antigen also evolves faster than any commercial release cycle, so a paid product would be permanently behind.

It’s also antithetical to OSS culture. The unwritten contract is that infrastructure is free, source-available, and yours to fork. A SaaS that intermediates your PR queue breaks that contract: the maintainer hands control over the surface they’re paid in (their attention) to a third party whose internals they can’t inspect.

And free as in speech, because the receipt format is the protocol between contributor and maintainer (the way HTTP is the protocol between browser and server). The format is going to keep evolving — every cycle of the arms race tightens the schema, the validation, the cryptographic chain. No one company should gate those improvements from the rest. Four non-negotiables fall out:

- BYOK.
- No server.
- No service.
- All tokens visible.

Coevolution

The endgame is a continuing arms race. Maintainers stay in the loop; the walls keep getting tested; antigens get more sophisticated and so do immune systems. Each cycle ratchets the bar. The automations I present to you are the last remaining clicks of that ratchet.

OSS is at the start of this new cycle. The pre-AI immune system worked for thirty years because the antigen distribution was stable. The new distribution is unstable and accelerating. The immune system that doesn’t learn to read receipts gets overrun by pipelines that don’t bother producing them, because the bad pipelines outnumber the good ones, and the maintainer can’t tell at scan time without help.

immunization is the natural response. Install it with a skill into .github/workflows/ and watch the queue stop filling with noise. Tighten its filter and reason cells as the antigen evolves. The function (PR) → merged keeps getting cheaper to compute.

How much faster could you review PRs if a clanker brought you their thought receipts?


immune is open source. Code AGPL-3.0, prose CC-BY-SA-NS.

Written with Claude Opus 4.7 via Claude Code.