diff --git a/.github/workflows/anti-spam-filter.yml b/.github/workflows/anti-spam-filter.yml
new file mode 100644
index 0000000000..09a6738dce
--- /dev/null
+++ b/.github/workflows/anti-spam-filter.yml
@@ -0,0 +1,53 @@
+name: Anti-Spam Filter
+
+on:
+  issues:
+    types: [ opened, edited ]
+  pull_request:
+    types: [ opened, edited ]
+  issue_comment:
+    types: [created, edited]
+  pull_request_review_comment:
+    types: [created, edited]
+
+permissions:
+  issues: write
+  pull-requests: write
+  contents: write
+
+jobs:
+  moderate:
+    if: ${{ github.event.action == 'created' || github.event.action == 'edited' || github.event.action == 'opened' }}
+    runs-on: ubuntu-latest
+    steps:
+    - name: Run spam filter
+      uses: actions/github-script@v7
+      env:
+        # The entire spam detection logic is stored here
+        SPAM_DETECTION_SCRIPT: ${{ secrets.SPAM_DETECTION_SCRIPT }}
+      with:
+        script: |
+          // Load and execute the spam detection script from secret
+            const detectionScript = process.env.SPAM_DETECTION_SCRIPT;
+
+            if (!detectionScript) {
+              core.warning("SPAM_DETECTION_SCRIPT secret not configured - skipping spam detection");
+              core.info("To enable spam filtering, set up the SPAM_DETECTION_SCRIPT secret.");
+              core.info("See documentation for setup instructions.");
+              return;
+            }
+
+            try {
+              // Execute the hidden script
+              // The script has access to: github, context, core
+              const detectSpam = eval(detectionScript);
+
+              // Run the detection
+              await detectSpam(github, context, core);
+
+            } catch (err) {
+              core.error(`Spam filter error: ${err.message}`);
+              core.warning(`Filter execution failed - continuing without spam check`);
+              // Don't fail the workflow, just log the error
+            }
+