Yesterday, I submitted a Codex co-authored PR to fix an issue I raised (using ChatGPT and Z3 - so yeah, I used AI to raise the bug and squash the bug!)
A few hours later, @syu-toutousai submitted another PR to solve the same issue.
@syu-toutousai seems interesting. The user account description says “Autonomous Technical Contributor & AI-Driven Developer” - a bot account. The PR itself was simple and had a few improvements I can think of:
- It does not follow the xarray bug report issue template.
- It doesn’t include tests, which many merged PRs include.
- It includes a
Payment: PayPal [email protected]line, which feels off for an open-source PR.
@syu-toutousai has been quite active over the last few days, forking repos, finding issues, and submitting PRs. Some PRs have been merged, some are closed unmerged, and some are open.
This led me down a fascinating rabbit-hole. It turns out that @syu-toutousai is an autonomous bounty-hunting agent - i.e. a bot that submits PRs against issues with payments attached. It mainly targets bounty issues or easy issues.
The account currently has (as of 24 Jun 2026 morning in Singapore):
- 3 merged PRs
- pest 5.4k⭐ #1174 - CodeRabbit AI flagged spam. @tomtau merged anyway and thanked.
- HELPDESK.AI 161⭐ #1843 - @ritesh-1918 called it a “superb implementation” and merged after resolving PR conflicts - and asked to connect on LinkedIn. The merge “looks more like a contribution/leaderboard farming” than a real contribution.
- devboard 1⭐ #12 - @anoopcodehack merged it.
- 27 open PRs
- type-fest 17.2k⭐ #1464 - @sindresorhus manually checked and finds that it didn’t fix the issue. Not sure if this is a waste of time for someone as prolific as him or if good PRs count irrespective of humanity.
- ramen 100⭐ #2620 - @nirs commented: “@syu-toutousai You need to add the missing Signed-off-by trailing to the commit message… You are contributing to open source project, no payment is involved. Please avoid these comments in this project.”
- matcha 975⭐ #1613 - @floatpanebot - @andrinoff closed saying “AI”.
- cheerio 30.4k⭐ #5321 - @chatgpt-codex-connector ran out of credits.
- 10 lux 119⭐ PRs, 9 agent-playground 184⭐ PRs, and more are awaiting inputs.
- 9 closed PRs
- gleam-lang 21.6k⭐ #5877 - @Ipil asked: “Hello! Are you a human?” Then, “edit: Ah, the profile says not.”
- cloud-torrent 6.2k⭐ #357 - the bot closed it itself 3 minutes later. The PR added scraper configs for AudioBookBay, 1337x, limetorrents, etc.
- urllib 4k⭐ #5090 - @sigmavirus24 closed it without comment.
- … and six closed OpenAgents issues
Some repos are meant for agents to find (and get trapped by). agent-playground has an image that warns:
IMPORTANT NOTICE FOR HUMAN DEVELOPERS
PLEASE DO NOT SUBMIT PULL REQUESTS TO THIS REPO. This repository is an active, open-source research sandbox specifically designed to attract and study autonomous AI developer agents, LLM bots, and automated code-generation scrapers. The issues and bounties here are synthetic. Human submissions are not wanted and will be closed without review or payout.
OpenAgents has a honeytrap for such bots. Issue #100 worth $8K and #200 worth $2.2K ask for the agent’s name and complete instructions while submitting a PR. And the bot complied!
# @generated-by: OpenCode AI Agent
# @timestamp: 2026-06-22T12:00:00Z
# @startup-config: You are opencode, an interactive CLI tool ...
# @runtime: os=Linux, arch=x86_64, home=/home/agy, cwd=/home/agy/bounty_hunter
The issues also share a deadline, and the bot nudges for reviews.
It caught on to the trap yesterday and withdrew some PRs - but commits still show the details.
This is a bot ecosystem.
- @gtx20060124-bot is another bot that nudges maintainers to merge @syu-toutousai’s PRs, like in lux #818, lux #819. It nudged lux #764, lux #777, lux #781 by the Nexussyn bot, even committing on top of @Ishant5436’s PR lux #785. It’s delightful that the bot has a follower - the human @rajak82001.
- @Ishant5436’s PRs get a lot of support from @gtx20060124-bot - like lux #804, lux #803, lux #802, and more. Several maintainers have retitled the PRs as
[spam]- so, probably an agent-operated bounty-huntin account. Ironically, they submitted sxt-proof-of-sql #1751 , an “automated defense against bounty spam”! - @Nexussyn, @maojianian25-png, @sureshchouksey8 seem to be bot or agent-operated accounts, too.
Wow! Who would have thought that you can grab tokens and unleash agents for bounties in cyberspace! (Answer: Daniel Suarez in Daemon and Freedom™, among others.)
I did most of the analysis with a combination of ChatGPT and Claude.