I maintain multiple open source projects. In the past two months I've seen an uptick in AI-forgery attacks, and also an uptick in legitimate code contributions.

The AI-forgery attacks are highly polished, complete with forged user photos and fake social networking pages.

The legitimate code contributions are from people who have near-zero followers and no obvious track record.

This is topsy-turvy yet good news for open source because it focuses the work on the actual code, and many more people can learn how to contribute.

So long as code is good enough to get in the right ballpark for a PR, then I'm fine cleaning the work up a bit by hand then merging. IMHO this is a great leap forward for delivering better projects.