DEV Community

Cover image for The MoneyPrinter Printed Nothing.
CounterIntEng
CounterIntEng

Posted on

The MoneyPrinter Printed Nothing.

#engineering #ai #software

The MoneyPrinter Printed Nothing.

21,748 stars. 2,200 forks. A tagline that reads: "Automates the process of making money online."

I had to test it.

Not because I believed it. Because 21,748 people starred it, and I wanted to understand what they thought they were getting. So I cloned the repo, installed the dependencies, and tried to run every single feature MoneyPrinterV2 claims to offer. What follows is a straightforward account of what happened.

No hype. No hate. Just evidence.

Repo Stats

What MoneyPrinterV2 Claims to Do

The repository promises four automated income streams:

  1. YouTube Shorts automation -- generate short-form videos, upload them, and schedule via CRON jobs
  2. Twitter bot -- generate tweets and post them on a schedule
  3. Amazon affiliate marketing -- generate product pitches via LLM and share them through Twitter
  4. Local business outreach -- discover local businesses, then email them automatically

The README paints a picture of passive income on autopilot. Set it up once, walk away, collect money. The dream that sells a thousand info-products. Let's see if the code delivers.

Four Features

The Setup: First Signs of Trouble

The project is 95.7% Python, with 110 commits and 14 contributors. It carries an AGPL-3.0 license and an "educational purposes only" disclaimer -- a detail we'll return to.

Installation starts normally enough: clone, create a virtual environment, pip install -r requirements.txt. But the requirements file is where the first red flag appears.

There are 17 dependencies listed. Only 2 have version pins: kittentts==0.8.1 and Pillow>=10.0.0. The other 15 packages -- including moviepy, selenium, undetected_chromedriver, assemblyai, and faster-whisper -- are completely unpinned. No version constraints at all.

This means every time you install, you're rolling the dice. The exact combination of package versions you get depends on the day you run pip install. What worked for the developer six months ago might break for you today. And in fact, it does -- Python 3.13 users hit a torch incompatibility wall immediately.

There's also a dependency the README doesn't prominently mention: Ollama, a local LLM runtime. Without it, the core generation features don't work. I had to discover this by reading the source code, not the documentation.

Testing Feature 1: YouTube Shorts Automation

This is the flagship feature, the one that gets the most attention. The flow is supposed to be:

  1. Generate a script via LLM (Ollama)
  2. Convert script to speech (via kittentts or assemblyai)
  3. Generate or source background video
  4. Add subtitles (via faster-whisper)
  5. Composite the final video (via moviepy)
  6. Upload to YouTube
  7. Schedule via CRON

Does it generate videos?

Sort of. After wrestling with the deprecated moviepy.video.fx.crop import (moviepy has restructured its API and the code hasn't been updated), I got a basic video to render. The quality is what you'd expect from automated content: a background clip with overlaid subtitles reading a GPT-generated script. It looks like every other AI-generated YouTube Short flooding the platform -- which is to say, it looks like spam.

The art_equalizer module is referenced in the code but missing entirely. The music feature relies on a Songs.zip archive that was -- and this is not a joke -- found to be corrupted. More on that later.

Does it upload?

The upload mechanism uses selenium and undetected_chromedriver to automate the YouTube Studio interface. This is browser automation pretending to be a human, not an API integration. YouTube's Terms of Service explicitly prohibit automated uploads through non-API means. Using this puts your Google account at risk of permanent termination.

The math: YouTube Shorts pay roughly $0.01 to $0.05 per 1,000 views. To make even $100/month, you'd need 2 to 10 million views. Monthly. From obviously automated content that YouTube's algorithm is increasingly trained to suppress. The economics don't work unless you're operating at a scale that would almost certainly trigger YouTube's automated content detection systems.

Verdict on YouTube Shorts: Technically generates a video. Practically useless for income.

Testing Feature 2: Twitter Bot

The Twitter bot generates tweets via the local LLM and posts them using Selenium-based browser automation. No Twitter API. No OAuth. Just a headless browser logging into your account and clicking buttons.

The immediate problem: The code imports from Selenium's Firefox driver, but the import path has changed in recent Selenium versions. You get an import error on launch. Fixable, but symptomatic of unmaintained code.

The bigger problem: X (formerly Twitter) has invested heavily in bot detection since 2024. Their systems flag accounts that post with robotic regularity, that log in from headless browsers, and that generate content with suspiciously consistent patterns. Getting your account banned isn't a risk -- it's a near-certainty if you run this for more than a few days.

The business problem: Even if it worked perfectly and never got banned, what's the monetization path? Twitter doesn't pay most users for tweets. You need to be in their creator program, which requires real engagement from real followers. Bot-generated tweets don't build the kind of audience that generates revenue.

Verdict on Twitter Bot: High risk of account ban, no clear path to revenue.

Testing Feature 3: Amazon Affiliate Marketing

This feature generates product recommendation tweets and posts them via the Twitter bot mechanism. The idea: have an LLM write persuasive product pitches, include your Amazon affiliate link, post to Twitter, earn commissions.

The chain of dependencies is fragile: LLM generates text, Selenium posts to Twitter, users click the link, users buy on Amazon, you get a commission. Every link in this chain has a failure mode.

Amazon affiliate commissions range from 1% to 3% for most product categories. Let's say you're promoting a $50 product at 3% commission: that's $1.50 per sale. To make $500/month, you need 333 sales. From automated tweets. On an account that's probably getting flagged for bot behavior.

I've seen the affiliate marketing space up close. The people who actually make money do it through SEO-optimized content, carefully built niche audiences, and genuine product expertise. Not through bot-posted tweets that read like they were written by a language model -- because they were.

Verdict on Affiliate Marketing: Theoretically possible, practically delusional at scale.

Testing Feature 4: Local Business Outreach

This is the feature that made me most uncomfortable. The workflow:

  1. Scrape the web for local business contact information
  2. Generate email pitches via LLM
  3. Send emails automatically

I didn't fully run this one, and here's why.

The email validation system sends to invalid addresses. This isn't just a bug -- it's a reputation destroyer. Email providers track sender reputation. Sending to invalid addresses gets your domain blacklisted. Once blacklisted, even your legitimate emails go to spam.

Beyond the technical issues, there's the legal dimension. The CAN-SPAM Act in the United States requires that commercial emails include a physical address, an unsubscribe mechanism, and accurate header information. The GDPR in Europe is even stricter -- you need explicit consent before sending commercial emails.

Mass-emailing scraped contacts with LLM-generated pitches violates both frameworks. This isn't a gray area. This is the kind of activity that generates FTC complaints and GDPR fines.

Verdict on Outreach: Legally hazardous. Technically broken. Don't do this.

Dependency Hell

The Dependency Problem Is Worse Than You Think

Let's talk about those 15 unpinned dependencies.

In a healthy Python project, you pin your dependencies to specific versions in requirements.txt. This ensures reproducible builds -- everyone who installs your project gets the exact same package versions. When you don't pin, you get "works on my machine" syndrome at best and supply chain attacks at worst.

MoneyPrinterV2 uses moviepy, which has been through significant API changes. It uses selenium, which regularly changes its driver interface. It uses undetected_chromedriver, which is in a constant arms race with browser detection systems. None of these are pinned.

The result: 23 open issues on the repository, many of which are installation and compatibility failures. Minimal resolution from maintainers. The last meaningful code update was the March 1, 2026 "Huge Overhaul," and since then, activity has been limited to README sponsorship link updates.

Which brings us to the supply chain incident.

Revenue Reality

The Songs.zip Incident

On March 3, 2026, a commit appeared in the repository with the message: "Fix critical supply chain poisoning vulnerability in song archive download."

Read that again. The Songs.zip file -- a dependency that gets downloaded when you use the music feature -- was compromised. Supply chain poisoning means someone replaced the legitimate file with a malicious one. Anyone who downloaded and extracted that archive between the time it was poisoned and the time it was fixed potentially executed malicious code on their machine.

This is not a theoretical risk. This happened. In a repository with 21,748 stars and 2,200 forks. The fix commit is right there in the git history.

The broader issue: when a project distributes binary archives (zip files) as part of its workflow, and those archives are hosted on third-party services, the attack surface expands dramatically. Pinned dependencies from PyPI at least have hash verification. A zip file downloaded from an external URL has none of that.

If you cloned and ran this repo before March 3, 2026, I'd recommend auditing your system.

Supply Chain

Follow the Money

Let's ask the uncomfortable question: who actually benefits from MoneyPrinterV2?

Not the users. The four features range from "barely functional" to "actively dangerous." The YouTube automation produces low-quality content that won't generate meaningful revenue. The Twitter bot risks your account. The affiliate system has no viable path to scale. The outreach tool breaks laws.

The repository author benefits. 21,748 stars is social proof. Social proof attracts sponsorships. The recent commit history is mostly README updates adding sponsor links. The "educational purposes only" disclaimer provides legal cover while the name "MoneyPrinter" promises exactly the opposite of education.

This is a pattern I've seen repeatedly in the open-source space: repositories with exciting names that promise easy money accumulate stars from hopeful people who never actually run the code. The star count becomes the product. The code is just the packaging.

I want to be clear: I'm not accusing the author of malicious intent. The disclaimer is there. The code is open source. But the name, the README, and the marketing all sell a dream that the code cannot deliver. And 21,748 people bought it -- for free, but with their time and potentially their account security.

What Actually Works for Automated Income

I build automation tools for a living. Our team maintains AI Video Factory, an open-source video pipeline. Here's what I've learned about what actually generates sustainable automated income:

Build tools that create genuine value. The difference between a tool and a spam bot is whether the output is something people actually want. Automated video generation works when the content is useful -- tutorials, data visualizations, news summaries. It doesn't work when you're generating content-shaped noise to game an algorithm.

Respect platform rules. API-based integrations are slower to build than Selenium hacks, but they don't get your accounts banned. Every hour spent on proper API integration saves ten hours of dealing with bans, captchas, and detection evasion.

Pin your dependencies. If you're building tools that other people will rely on, reproducible builds aren't optional. They're a basic responsibility.

Solve real problems. The indie hackers I know who actually make money online do it by identifying a genuine pain point and building a tool to solve it. Not by running bots that spam platforms with AI-generated content.

The uncomfortable truth about "automated income" is that the automation part is the easy half. The income part requires that you're creating something someone is willing to pay for. No amount of automation can substitute for that.

Verdict

The Verdict

MoneyPrinterV2 is a case study in how star counts can mislead.

21,748 stars. But 23 unresolved issues. 15 unpinned dependencies. A supply chain poisoning incident. Selenium-based automation that violates platform terms of service. An email feature that breaks anti-spam laws. And economics that don't work even if every feature ran perfectly.

The name "MoneyPrinter" is doing all the heavy lifting. It sells the fantasy of passive income -- the same fantasy that sells dropshipping courses, forex signal groups, and crypto trading bots. The code behind the name is a collection of barely-maintained scripts that automate the wrong things.

Here's what I'd tell anyone who starred this repo hoping it would change their financial situation:

  1. Unstar it. Star count is how these projects maintain credibility.
  2. Don't run untrusted code. Especially code with a known supply chain incident and unpinned dependencies.
  3. Learn to build, not to spam. The skills you'd use to get MoneyPrinterV2 working -- Python, APIs, automation -- are genuinely valuable. Use them to build something that creates real value.
  4. Read the code before you star. 21,748 people starred a project. How many read the requirements.txt? How many noticed 15 unpinned packages? How many saw the supply chain fix commit?

The best money printer is a product that solves a real problem. Everything else is noise.

Counterintuitive Engineering builds open-source tools that work. Follow @CounterIntEng for honest engineering takes.

Top comments (0)