Analysis updated 2026-05-18
Automatically keep a personal GitHub account or organization's block list in sync with a community-maintained spam list.
Run a scheduled daily sync so new spam accounts get blocked without manual review.
Dry-run the tool first to see what it would block before making any changes.
| cyrisxd/block-clankers | 0xghostcat/claude-ai-cyber-security-skills | jigggyzigggy/github-achievements-hunter | |
|---|---|---|---|
| Stars | 17 | 17 | 17 |
| Language | Shell | Shell | Shell |
| Setup difficulty | easy | easy | easy |
| Complexity | — | 3/5 | 2/5 |
| Audience | developer | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires creating a GitHub personal access token with scopes matching whichever accounts or orgs you target.
Block Clankers is a GitHub Action that automatically blocks known spam bot accounts from your personal GitHub account or from every organization you administer. It works by pulling down a community maintained list of known spam accounts and syncing your GitHub block list against it on a schedule, so new spam accounts get blocked automatically without you having to do it by hand. To use it, you fork the repository, create a GitHub personal access token with the right permissions depending on whether you want to protect just your own account, specific organizations, or every organization you admin, and save that token as a secret in your fork. You then enable GitHub Actions and either run the workflow manually for a first sync or let it run on its built in daily schedule. It can also be added to any existing repository's workflow file instead of forking, by referencing the action directly. The README documents several settings you can adjust: which accounts or organizations to target, whether to only log what it would do without actually blocking anyone, and whether accounts removed from the source list should also be unblocked, which is turned off by default so a change to the list cannot silently undo blocks you rely on. A fair amount of the README is dedicated to being careful with GitHub's API limits. It only makes write requests when something has actually changed, spreads out large batches of new blocks over multiple scheduled runs instead of doing them all at once, and automatically pauses and retries if it gets rate limited. It also plainly states that using the tool means trusting whoever maintains the source list of spam accounts you point it at, and suggests pinning to a specific version of that list if you want more control. This is a practical, well documented automation tool for GitHub account and organization maintainers who want to reduce spam without manually reviewing and blocking each account. It is released under the MIT license.
A GitHub Action that auto-blocks known spam bot accounts on your personal account or organizations by syncing against a community-maintained block list on a schedule.
Mainly Shell. The stack also includes GitHub Actions, JavaScript.
Setup difficulty is rated easy, with roughly 30min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.