Your repo
has a bouncer
now.
pr-captcha checks ID at the door. Every unknown PR has to prove a real GitHub human is present before it touches your queue or your CI.
Watch it work.
A drive-by PR opens, the human check posts, a contributor clears the door, and held CI releases. No code ever runs.
When a PR costs nothing to send, maintainers inherit the spam. One fast-growing repo went from 2 PRs a week to 3,400 while its merge rate fell off a cliff.
Not AI detection. A door.
pr-captcha never guesses whether a patch was written by a model, and never checks out or runs the code. It reads metadata, binds the commit, and asks for one logged-in human.
PR opens
A pull request lands under your policy: everything, or a narrower target.
Check posted
A SHA-bound pr-captcha/human check and one comment appear.
Human shows
Contributor signs in with GitHub and clears a browser check.
Signal published
The exact commit is marked human-verified. New commit, new check.
You decide
Use it for triage, branch protection, or releasing held CI.
Stop refereeing taste. Charge at the door.
You can't reliably detect AI, and you shouldn't have to. Move the cost to the sender: a logged-in human, bound to one commit. Cheap for real contributors, annoying for spray-and-pray bots.
It's not a Turing test. It's a guest list.
★☆☆☆☆ "Tried to spam this repo. It made me log in. Like a human. Zero stars."a bot, allegedly
We don't run your PR's code. We've seen your PR's code. We're good.
git push→ "200 OK, but who are you?" →pr-captcha/human: pending
Don't let your CI runners be some AI agent's free GPU.
See it before you install.
Every tool below runs on the free hosted Worker. No install required to look around.
After installing, generate a policy in the setup wizard and check service health on the status page.