Hacker News | dynawicki's comments

This is now the open source problem. And why my personal opus of work has been removed from online repositories.

Who gave them "the right to scan"? You did by hosting your open source in public. But scanning a public service prior to AI was still covered by "Unauthorized System Access".

But what if they are wrong, and given the self-serving nature of these scans, now your repo is just OJ Simpson? And your software is banned due to an external scan you did not ask for?

Is there no one in this world who will be accountable for anything at all? Can we sue the scanners if they are wrong and publish their results for defamation even in a public PR?

These things will happen. If I had source in the open and a scan result was incorrect that nobody asked for and the results had false positives, I would sue Anthropic for defamation and I would win.


The open source problem argues for a modification of licenses to exclude certain uncompensated use in training commercial LLMs (which may arguably already be a violation).

With careful prompting, LLMs will give up some of their sources and methods. Claude describes the legally and ethically suspect methods Anthropic used acquiring training materials for its models.

The IP law and courts are starting to catch up (re: Anthropic settlement September 2025), but licensing language and enforcement have not.


That's how "theft" works. You take the stuff and run away as fast as you can.


This benefit you speak of is actually just a meme.

Source that is unmaintained is dead. Nobody is looking at it, even the maintainer has something better to do.

Do you know what's even more powerful than "eyeballs"? Money.


Good luck getting anyone who values their time to even triage the results. I would rather lick the bottom of a NYC dumpster that a rat had just died in.


That was true last year -- things change.

Ignore (admittedly low-effort LLM generated) reports at your own peril.


Software will eventually become "unmaintainable due to lack of interest", because of this very thing. People not invested in this are not "in peril" in any way.


A lot of people are invested without realizing it. I'm typing this on a computer running Linux, with all the standard services/software. I maintain one OSS project (icecc - we have always said only run on trusted networks. I'm sure there are a lot of issues in our code but nobody has bothered to run a scan yet to my knowledge), but I don't pay attention to everything. I'm sure there are known easy-to-exploit (with an LLM) issues on this computer just because my distro hasn't updated yet. (I need a better distro, but even the most up to date will constantly have these issues)


What you just described may be accurate. But it also is the essence of a "trap". My comment about investment was more to that point.

If software "is a trap", even my ever-computing loving wrote first programs on an Apple II in the 80s will only be as you sort of describe invested in by reference (minimal usage).

But no one will sign up for a "trap" as a career, and only those who do will deal with its problems. The first thing that comes to mind is "Johns", "Hotels", and the trappings of the sex trade.

