Drawing on multiple sources of qualitative data, I describe a case of open science infrastructure (OSI) abuse. The case illustrates how developers navigated scholarly value tensions and issues of epistemic and platform legitimacy while battling spam on their open science webapp. Notably, their struggle used precious financial resources and drew attention away from other development tasks like feature expansion. This research makes evident that not only is OSI abuse like spam a financial burden, but it puts scholarly information security—specifically, the legitimacy of open science content—at risk. However, protecting against such abuse is not a trivial matter; it raises questions of who is responsible for defining and enforcing scholarly values. The urgency of this issue is magnified by OSI’s relationship to public trust in science.