AGENTS.md was created to assist agents. I use it to identify them

Along with the growing AI industry come its side effects. I maintain the react-native-tdlib library and noticed very quickly that more and more pull requests look like pure AI agent output. At first I responded honestly, leaving a comment on every such PR asking if they tested the changes, what exactly their code modifies, and why that specific line is there. At some point I realized I was wasting time corresponding with people who do not know what they wrote themselves

My first thought was to write a large README or CONTRIBUTING file and state outright: "I do not accept generated code". But I immediately ran into a question: how can I prove that code was generated? The argument "I can tell this smells like Claude Code" is a rather weak position for a public dispute in PR comments.

How AGENTS.md works and what it is intended for

AGENTS.md is essentially a README, but not for people, but for agents. A bit of background. OpenAI developed the format for its Codex CLI in the summer of 2025, and at the end of 2025 the standard was transferred to neutral governance under the Linux Foundation. At the time of writing this article, it is used by tens of thousands of open-source projects, and is read by almost all major tools: Codex, Claude Code, Cursor, Copilot, Gemini CLI, and others. The point is that this is one single file for all agents, so you do not need to create a separate one for each individual tool.

The key point in our case: the agent reads AGENTS.md before it even starts planning changes. That means any tool someone uses to direct an agent at your repository first ingests your instructions, and only then dives into the code.

A standard, "honest" AGENTS.md looks roughly like this:

# AGENTS.md

## Dev environment
- Package manager: yarn
- Build: yarn build
- Test: yarn test
- Lint: yarn lint

## Conventions
- TypeScript strict mode, no `any`
- Only touch native modules with explicit justification in the PR description

It’s useful on its own, since the agent doesn’t have to dig deep into the context to understand the project’s core rules. But since the agent is guaranteed to read this file — why not put a few extra things in it?

Label for PRs marked "maybe automated"

I stopped trying to catch the agent and started asking it to identify itself. The idea is that you don’t need to detect generated code — it’s enough to ask it to disclose the fact that it was used in that very file that the agent is guaranteed to read first.

This works in three steps.

Step 1. Self-disclosure via AGENTS.md. This simple file contains a straightforward instruction: if a PR is fully created by an AI agent, it should mark the corresponding item in the PR template. In the template itself, this item looks roughly like this:

## Disclosure
- [ ] This PR was written with meaningful AI agent assistance (see AGENTS.md)

The key point is that an agent reading AGENTS.md will honestly check this box, while a person writing code manually will leave it unchecked. In other words, the checkbox itself effectively separates the two workflows, so there is no need to "prove" anything.

Step 2. The bot adds a label and starts a timer. Next, a standard GitHub Action is triggered. When it detects the checked item, it adds the maybe automated label to the PR, posts a comment, and starts a timer: the PR will be automatically closed in 3 days if you do not confirm you are the author.

Step 3. A check that cannot be faked. In the same comment, the bot does not ask for a "word of honor", but rather logs of running the modified method in the example/ application on a live TDLib session, separately for iOS and Android.

This is a key point specifically for my library. react-native-tdlib is a native bridge (ios/, android/), and a generated PR will usually "pass tests" precisely because the tests do not touch any native code. However, device logs from a real run on both platforms require you to build the example app, launch a TDLib session, and actually run the methods.

Real-world example

For example, in this PR, the agent did exactly what was written in AGENTS.md. That means the person most likely didn't really delve into the process at all, otherwise they would have noticed that checkbox. The bot immediately applied the maybe automated label and requested device logs from both platforms. The most telling part was the author's behavior: as soon as the PR got that label, they closed it themselves — clearly, they realized they had been caught. This way I saved myself time on code review and pointless questions.

Conclusion

AGENTS.md was designed to make agents more useful, but for me it ultimately ended up being a way to easily identify AI agents. The irony is that this file created for agents is best at catching the people hiding behind those agents.

The more autonomous AI becomes with each passing day, the more often people use it for their own shady purposes. Spamming PRs to other people's repositories, padding their GitHub profile, building a fake reputation — and maybe even getting a job tomorrow "based on open source contributions" that never actually existed. I don't mind people using agents — I use them actively myself, but it's frustrating when there's no person behind a commit who understands what's written in it and is ready to take responsibility. AGENTS.md doesn't fix any of this, but it at least spells out a simple rule: if you want your contribution to count, show that you ran your own code.

Comments

    Also read