An analysis of the OpenClaw GitHub repository has revealed that 20% of pending pull requests are duplicates, representing approximately 2,000 hours of wasted developer time. VectorCertain LLC used its multi-model AI consensus platform to examine all 3,434 open pull requests in one of the world's most starred AI projects, which has 197,000 followers. The analysis identified 283 duplicate clusters where multiple developers independently built identical fixes, with 688 redundant PRs clogging the review pipeline. The largest duplication cluster documented involved 17 independent solutions to a single Slack direct messaging bug. Security fixes were found to be duplicated three to six times each while known vulnerabilities remain unpatched.
VectorCertain's findings arrive during a pivotal transition for OpenClaw. Project creator Peter Steinberger recently announced his departure to OpenAI and the project's transition to a foundation structure. The analysis demonstrates that governance challenges extend beyond duplicate PRs, as the project has faced mounting security concerns including the ClawHavoc campaign that identified 341 malicious skills in its marketplace and a Snyk report finding credential-handling flaws in 7.1% of registered skills. "Unit tests verify that code does what a developer intended," explained Joseph P. Conroy, founder and CEO of VectorCertain. "Multi-model consensus verifies that what the developer built is the right thing to build. These are fundamentally different questions, and large-scale open-source projects need both."
The analysis used three independent AI models—Llama 3.1 70B, Mistral Large, and Gemini 2.0 Flash—that evaluate each PR separately before fusing their judgments using consensus voting. The platform processed 48.4 million tokens over eight hours at a total compute cost of $12.80, or approximately $0.0037 per PR analyzed. The complete methodology and findings are detailed in the complete report available online at https://vectorcertain.com/openclaw-analysis. The claw-review tool used for this analysis is available as open source software under MIT License at https://github.com/jconroy1104/claw-review, enabling other projects to conduct similar analyses. VectorCertain's enterprise platform scales this multi-model consensus approach to safety-critical domains including autonomous vehicles, cybersecurity, healthcare, and financial services.
With PR submissions vastly outpacing review capacity—over 3,100 PRs pending at any given time despite maintainers merging hundreds of commits daily—the 2,000 hours of wasted developer time identified represents just the tip of the iceberg. The analysis highlights systemic challenges in open-source governance where redundant work consumes scarce maintainer attention that could otherwise be directed toward innovation and security improvements. The findings suggest that without improved governance mechanisms, even highly popular open-source projects can become inefficient and potentially vulnerable as they scale, with duplicate efforts diverting resources from critical security patches and feature development.
