Godot's maintainers are about to write into their contribution policy that AI cannot submit code to the engine, full stop. Not "AI-assisted with disclosure," not "reviewed case by case" — banned, alongside AI-generated text in any human-to-human communication with the project. The Godot Foundation confirmed the change this week after months of what one maintainer called an "increasingly draining and demoralizing" flood of what the community calls slop pull requests.

Godot isn't a niche codebase. It's the open source engine behind commercial releases like Slay the Spire 2 and The Case of the Golden Idol, run by a foundation with a handful of paid core staff and a much larger volunteer reviewer base — the same structure that makes almost every mid-size open source project vulnerable to the same failure mode.

The pitch, and what's actually happening

The framing in most of the coverage is a code-quality story: an open source project drowning in low-effort AI submissions finally pulls up the drawbridge. That's true as far as it goes. Godot flagged the problem back in February, and by July the volume hadn't eased off enough to keep tolerating it. The Foundation's own language leans hard on competence — "we can't trust heavy users of AI to understand their code enough to fix it" — which reads like a claim about output quality.

But read the policy change next to what the Foundation actually says it's protecting, and the quality framing turns out to be the wrong test. The line that matters isn't about whether the code compiles. It's this one: contributors need to be people "who are accountable for their code — and fixing it if it fails," because "AI cannot take responsibility." And underneath that: the Foundation explicitly wants "a pipeline to mentor new contributors to become future maintainers." Godot isn't primarily rationing code quality. It's rationing a scarcer resource — the handful of human hours senior maintainers have to spend turning a stranger's pull request into a future co-maintainer. An AI submission has no one on the other end who can be mentored into that role. The review time either produces a better piece of code, or it produces a better human contributor who sticks around for the next ten years. Godot has decided AI PRs can only ever produce the former, at best, and increasingly produce neither.

The counter-case: disclosure works, ban is the blunt instrument

The strongest objection to what Godot did doesn't come from AI boosters — it comes from the Linux kernel, which spent the first months of 2026 arguing this exact question and landed somewhere else entirely. After a public clash between Intel's Dave Hansen and Oracle's Lorenzo Stoakes over how aggressively to police AI tools, the kernel settled on a disclosure regime rather than a ban: an "Assisted-by" tag naming the agent and model, sitting alongside — never replacing — a human "Signed-off-by" who accepts full legal and technical responsibility for the patch. AI-generated code is welcome in Linux. It just can't hide.

That's a coherent, arguably more scalable answer to the same problem Godot is solving for. The kernel's logic is that accountability is a property you can attach to a contribution rather than a property you have to gatekeep at the door — tag it, make a specific human sign for it, and the incentive problem mostly resolves itself, because that human now owns the fallout. NetBSD, by contrast, went further than Linux and closer to Godot, presuming LLM-generated code "tainted" unless core explicitly approves it; Gentoo and QEMU also reject AI-derived contributions outright. So the field is genuinely split between "disclose and attach a name" and "don't bother, just say no," and it's worth taking seriously that the disclosure camp includes the single largest, most reviewer-constrained open source project in existence.

Where the Linux model breaks down for Godot is the thing that made the kernel's version workable in the first place: a Linux "Assisted-by" patch is still signed off by an existing, known, reputationally invested kernel developer who was going to be accountable regardless of what tool they used. Godot's slop problem isn't coming from established contributors disclosing AI assistance on their tenth patch — it's coming from one-off submitters with no reputation to spend, using an agent to generate a plausible-looking PR against an issue they may not have read closely, then disappearing when review comes back with questions. Disclosure only substitutes for accountability when there's already a person present who intends to stay present. Godot's actual complaint, in the Foundation's own words, is that heavy AI users can't be trusted to understand their own code well enough to fix it when a reviewer pushes back — which means the tag would be attached to nobody who can answer for it. The kernel's rule assumes a durable contributor behind the tool. Godot's slop wave is precisely the case where that assumption fails.

The precedent that makes this look structural, not moody

If Godot's move looked like an isolated overreaction, it would be easy to file under maintainer burnout and move on. It doesn't. curl shut down its six-year HackerOne bug bounty in January after AI-generated vulnerability reports climbed to roughly a fifth of all submissions and, across the entire history of the program, not one of them found a real bug; in the program's final three weeks, submissions ran at eight times normal volume. Daniel Stenberg's framing was almost identical to Godot's: the cost isn't the occasional bad submission, it's that every submission now requires expert human time to disprove, and that time comes out of the same finite pool that used to go toward mentoring and genuine security work. NetBSD, Gentoo, QEMU and Redox OS have each independently arrived at some version of "presumed tainted unless a human vouches for it." What's showing up across unrelated projects with unrelated cultures is the same resource-allocation problem: cheap, plausible-looking AI output is a tax on the scarcest thing open source has, which is senior attention, and every project is discovering that tax rate on its own timeline.

The bet

Godot's own statement leaves itself room to move — "things change every day," the Foundation said, promising to "re-evaluate as things evolve" rather than treating this as doctrine. That's the falsifiable part. If agentic coding tools get reliably better at producing patches that survive review without hand-holding, and if some project finds a disclosure-plus-accountability scheme that actually reduces reviewer burden rather than adding a tag nobody reads, watch for Godot or a peer project to walk the outright ban back toward something closer to the kernel's model within the next twelve months. If instead the AI-authored volume keeps climbing while the fraction of it worth a maintainer's time stays flat or falls, expect the ban camp — NetBSD, Gentoo, QEMU, Redox, and now Godot — to keep growing, and expect the next entrant to arrive from wherever the reviewer-to-submission ratio breaks first.