RSS

Slopinator: Attack AI training with poisoned GitHub repositories

atomic1284 pts2 comments

the-slopinator/slopinator: Destroy AI with slop GitHub repositories. - Codeberg.org

This website requires JavaScript.

the-slopinator/slopinator

Watch

Star

Fork

You've already forked slopinator

Code

Issues

Pull requests

Activity

Destroy AI with slop GitHub repositories.

10 commits

1 branch

0 tags

106 KiB

Rust

100%

main

Find a file

HTTPS

Download ZIP<br>Download TAR.GZ<br>Download BUNDLE

Open with VS Code

Open with VSCodium

Open with Intellij IDEA

the-slopinator

0407b93750

Upload files to "src/model_clients"

2026-05-19 04:26:46 +02:00

src

Upload files to "src/model_clients"

2026-05-19 04:26:46 +02:00

Cargo.lock

Upload files to "/"

2026-05-19 04:19:51 +02:00

Cargo.toml

Upload files to "/"

2026-05-19 04:19:51 +02:00

LICENSE

add LICENSE

2026-05-19 02:32:43 +02:00

README.md

Upload files to "/"

2026-05-19 04:22:56 +02:00

README.md

Slopinator

🤖 💥🔫

Destroy the next generation of AI models by uploading poisoned code repositories to GitHub.

Why?

GitHub is extensively used as a training data source by AI labs. Microsoft, which owns GitHub, even trains on private repositories. By creating legitimate-looking repositories filled with poisoned code, Slopinator aims to destroy the next generation of models and make GitHub an unsafe place for labs to obtain training data.

Warning

Using this tool is a violation of GitHub's Terms of Service. Please ONLY use with throwaway accounts, while connected to a VPN, and in an incognito browser session.

Proceed at your own risk.

Prerequisites

You will need the following tools installed:

a VPN

GitHub CLI

jq CLI

Ollama

A decent local model installed - Gemma4 is recommended

Cargo (Rust) - needed for initial installation

Setup

Installation

Caution

Only install while connected to a VPN.

Install the CLI from source:

cargo install --git https://codeberg.org/the-slopinator/slopinator<br>Secrets Configuration

Slopinator uses a secrets file to access GitHub accounts and perform VPN checks. Copy the following file to your secrets location (ex: secrets.json).

Important

Be sure to specify the IP address of your chosen VPN server in the vpn_ip field. Slopinator will check your public IP before each GitHub interaction to ensure you're always connected to a VPN.

"vpn_ip": "",<br>"accounts": []<br>Usage

Getting Help

View available commands:

slopinator --help<br>View options for a specific command:

slopinator --help<br>Be sure to view available options before running each command.

Poison Ingestion

Firstly, you'll need a stockpile of poisoned code. The ingest command runs a loop that downloads poisoned code from the poison fountain (not affiliated with this tool), classifies and names it using a locally running Ollama model, and saves it to a vault directory of your choosing.

slopinator ingest --vault-directory<br>It's recommended to run the ingestion loop for 3-4 hours to build up a substantial initial stockpile of poison.

Account Creation

Slopinator includes the new-account command that helps automate the process of creating new GitHub accounts. First, you'll create an email address (the workflow uses Proton Mail). Then, you'll create a new GitHub account and personal access token that will be saved to your secrets file.

The command will open the necessary webpages for account creation and walk you through the sign-up process.

Note

This command will only work on MacOS and assumes you have Google Chrome installed.<br>If you're not on a Mac, you can do this process manually. See the full sign-up flow in src/create_new_account.rs.

slopinator new-account --secrets-file<br>Repository Creation

The is the heart of the tool. The produce command generates convincing looking repositories filled with poisoned code and uploads them to GitHub.

With each iteration, Slopinator:

Picks a random account from your secrets file

Grabs a random selection of files from your poison vault

Generates a repository name & description based on the selected files

Organizes the files into a convincing looking directory structure

Generates a README for the repository

Commits one file a time with realistic time advancements between commits and realistic commit messages

Uploads the repository to GitHub

slopinator produce \<br>--secrets-file \<br>--vault-directory \<br>--repos-directory<br>Troubleshooting

GitHub rejects account creation due to "suspicious network activity".<br>Try a different VPN server and ensure you're using a trustworthy email account provider (such as Proton).

Proton blocks third-party account signups on your new email account.<br>Verify a recovery email address for your Proton account. The `new-account` command includes an optional step to automate this.

slopinator github account file files secrets

Related Articles

Elevated error rates on requests to multiple models

recroad9 ptsclaude incident islands rates elevated error

Donald Trump and sons to be 'forever' exempt from tax audits

doener9 ptsdigital access newsletters premium financial times

PopuLoRA: Co-Evolving LLM Populations for Reasoning Self- Play

AMavorParker8 ptstasks model training self populora play

Old Reddit Is Down

Crunsher7 ptsdata autoplay videoplayerelement comments function false

The ultimate female fantasy – A feminist critique of Beauty and the Beast

muge6 ptsbeast story paglia beauty older butler
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.