but surely all the checking and prerequisite expertise would nix most advantages of using it?Sure, but why would this be a concern for anyone but the user themself? I'm sure I use things which other people may not like, such as VSCode or GNOME. Is it valid for them to tell me what to use and how?
And it looks like for most AI PRs in KeepassXC, the person working with the AI ultimately approves the code... hardly a rock solid review process. Usually, there's two humans in the loop.The way the AI is integrated in GitHub makes it a separate entity from the reviewer with an interaction workflow akin to iterating a PR with its author until it matches the project's standards. In both cases, the PR author — AI or human — is untrustworthy and the reviewer is trustworthy. There are also non-AI PRs where only one developer conducted the review, so there's no difference between AI and non-AI standards.
If this strikes you as flawed, then your concerns should lie with the review process itself.