Is this a supply-chain attack attempt?

Posted by maratumba |an hour ago |1 comments

maratumba an hour ago

I was looking into the issues in this -probably- abandoned library and noticed this account helpfully offering to take over the project. The account has no other activity than this post after it was created 5.5 months before. Seems like it could be a supply chain attack (or maybe just some LLM agent raising GitHub stars).

Does GitHub have a mechanism for flagging suspicious accounts? Reporting doesn't seem like the right idea without any actual wrongdoing.