GitHub permanently banned my account for using Actions to validate VPN nodes
I'm a 20-year-old veterinary student from Russia developing anti-censorship tools. On March 17, 2026, GitHub permanently suspended my account citing Terms of Service violations related to GitHub Actions.
THE PROJECT
Raccoon Squad VPN — an Android VPN client based on Xray-core with DPI bypass for Russian users. Supports VLESS, VMess, Trojan, Shadowsocks, Hysteria2, TUIC. Built entirely with AI assistance over several months.
Source: https://gitlab.com/shray77/rsquad
WHAT THE ACTIONS DID
I had repositories that aggregated and validated free VPN nodes from public sources:
- hpp: Python scraper — fetched node lists, filtered by SNI for VLESS XTLS, validated format, TCP ping. Every 6 hours, ~30 min runtime.
- node-filter: Go L7 checker — connected via Xray, verified handshake, downloaded 2MB test file, measured speed. Every 1 hour, ~30 min runtime.
- loshad-scoc: Scout for new sources — 50+ GitHub dork queries, 15 PAT tokens with rotation, HuggingFace API validation.
- zhopa-bobra: SNI popularity analyzer.
Key facts: No mining, no password cracking, no heavy computation. Nodes from public raw.githubusercontent.com lists. Standard CI/CD validation for network software. ~1 hour Actions runtime per day total.
TIMELINE
Feb 26: Suspended for "suspected compromise" — restored. Feb 27: Suspended for "spam flag" — restored. Feb 27: Suspended for repository rsquad — asked to make private. Feb 27: Suspended for raccoon-release — COULD NOT COMPLY: locked out. Mar 2: GitHub demanded I delete repos. I still couldn't log in. Mar 17: Filed formal legal appeal (7 pages), CC'd legal@github.com. Mar 17: ~70 minutes later — permanent ban.
THE CATCH-22
GitHub demanded I delete repositories to resolve the suspension. But the account was suspended, preventing login. I informed support multiple times. No resolution.
THEY ARE HOLDING MY CODE HOSTAGE
I have no access to my repositories. No export. No backup. GitHub is effectively holding my intellectual property hostage. Under GDPR Article 20, I have an unconditional right to data portability. GitHub is refusing to comply.
This is, de facto, theft of intellectual property. The code I wrote is locked behind their wall with no legal basis for retention.
GDPR VIOLATION
Article 20 grants right to data portability. I'm locked out with no export option. DPO request unanswered beyond automated ticket.
CURRENT STATUS
- FTC complaint filed - DPO contacted — only automated ticket number - Project migrated to GitLab: https://gitlab.com/shray77/rsquad
I'm sharing this because enforcement was arbitrary, the process lacked transparency, and developers have no recourse when platforms make automated decisions.
Were you a paying GitHub user? Doesn’t sound like it.
You were scanning remote servers without written authorization using GitHub Actions bandwidth rather than hosting your own workers? “Scout for new sources”? I expect GitLab to ban you next.
[dead]
> Under GDPR Article 20
Why GDPR. Didn't you say you're from Russia?
> DPO request unanswered beyond automated ticket
GDPR allows companies 30 days to answer, or telling you they need more time to answer.
> FTC complaint filed
Why FTC. Didn't you say you're from Russia?
> Filed formal legal appeal (7 pages)
I'm guessing the pages were largely AI generated?
> This is, de facto, theft of intellectual property.
At this point I'm laughing and wonder which AI lawyer gave the confidence to suggest that.
> No export. No backup.
Having no backups is hardly the provider's fault.
> Project migrated to GitLab
That sounds like you have the code at least and can recreate the data.
[dead]
[dead]
[dead]