Skip to content
Hugin
VerdictSock-puppet ring, coordinated shilling

Suspicious.

This post appears to be part of a coordinated inauthentic operation. Multiple accounts (LevelVast3996, reditor_13, Ecsta, Lucas_F_A) dominate the comment section with zero-score replies that form an insular discussion loop. Most critically, the same external domain (github.com) has been posted across at least 3 other accounts (skoon, senrew, ghgi_) in prior reports, indicating strong same-operator signal and potential token/identifier reuse across a network.

r/AnthropicPosted by u/No-Mess-8224Original
Sources7/12checked
Flags10 high, 1 med
Work53 limits
People310 histories
Scan shape58% source coverage
High flags0
Medium flags1
Work signals5
Sources checked7
Decision path

Hugin marked this suspicious because at least one meaningful risk signal appeared, but the scan did not reach the stronger likely-scam threshold.

  1. The final verdict text came from the AI verdict engine using the stored structural signal block.
  2. The scan reviewed 36 comments and 31 unique commenter accounts.
  3. Signal count: 0 high, 1 medium, 0 low flag; 3 coordination-class signals.
This external domain also appeared in prior reports under 3 other accounts

"github.com" was previously logged by Hugin under u/skoon, u/senrew, u/ghgi_. Same external identifier surfacing under multiple Reddit accounts across separate threads is a coordinated-operation pattern.

JSON
Full evidence trailSources, public checklist, values lens, network map, account coverage, archive, and sharing tools.
Validation protocol

Review before sharing.

Hugin reports are evidence packets, not accusations. Use the rating as a prompt to inspect sources, limitations, and archived material before quoting a claim elsewhere.

The post
Now I can ask for unlimited tokens for my claude code :)
Post age
12.8h
Commenters scanned
31
<7d-old accounts
0 (0%)
Removed comments
0
Median age
unknown

Source checks

Checked
7
Limited
2
Needs key
2
Total sources
12
checked / thread
Reddit thread snapshotReddit JSON or RSS

38 public comments loaded for r/Anthropic.

checked / thread
Comment evidence archiveHugin snapshot

Public comment bodies were retained with the report snapshot.

limited / accounts
Author account metadataReddit account about + old Reddit profile + Arctic Shift/PullPush archives

32 author age values were unavailable; 26 not attempted after hosted metadata fallbacks were exhausted.

limited / accounts
Recent author historyReddit user activity + old Reddit profile + Arctic Shift/PullPush archives

8 selected author histories checked; 8 unavailable.

checked / coordination
Reply graphHugin graph pass

36 reply edges mapped.

checked / coordination
Writing-style comparisonAI stylometry pass

0 same-hand writing pairs surfaced.

checked / coordination
Shared identifiersHugin extractor

11 unique external identifiers extracted.

checked / archive
Prior report matchesHugin report archive

3 prior archive matches returned.

Show your work

Deterministic explanation of the stored scan inputs behind the verdict. This is not hidden model reasoning; it is the evidence checklist Hugin can show publicly.

Verdict path · AI summary

Hugin marked this suspicious because at least one meaningful risk signal appeared, but the scan did not reach the stronger likely-scam threshold.

  1. The final verdict text came from the AI verdict engine using the stored structural signal block.
  2. The scan reviewed 36 comments and 31 unique commenter accounts.
  3. Signal count: 0 high, 1 medium, 0 low flag; 3 coordination-class signals.
  4. The scan crossed the caution threshold, but did not show enough stacked proof for likely scam.

What pushed risk up

riskMEDIUM flag: This external domain also appeared in prior reports under 3 other accounts

"github.com" was previously logged by Hugin under u/skoon, u/senrew, u/ghgi_. Same external identifier surfacing under multiple Reddit accounts across separate threads is a coordinated-operation pattern.

riskIdentifier reuse across reports

3 identifier appearances matched older Hugin reports under different usernames.

  • ext_domain "github.com" previously appeared under u/skoon
  • ext_domain "github.com" previously appeared under u/senrew
  • ext_domain "github.com" previously appeared under u/ghgi_

What limited confidence

uncertainAuthor metadata gap

32 scanned authors had unknown account age. Hosted profile metadata and archive fallbacks were exhausted, so Hugin stopped after 6 failed fetches and left 26 profile lookups unattempted. Absence of young-account signals is lower confidence.

What kept the rating lower

cleanNo reply ring detected

Hugin mapped 36 reply edges and did not find a mutual-reply clique.

cleanStylometry pass was clean

The writing-style comparison ran and did not surface same-hand pairs.

Limitations
  • 32 author account ages were unavailable; 26 profile lookups were skipped after hosted metadata and archive fallbacks were exhausted.
  • 8 selected author histories were unavailable to the scan.
  • Username shape alone is never treated as a finding; it is only context when stronger public signals also appear.
Rating thresholds
  • Likely scam: multiple high-severity signals, prior identifier reuse, or several coordination signals stacking together.
  • Suspicious: one high-severity signal, multiple medium signals, or one concrete coordination signal that deserves review.
  • Inconclusive: weak, conflicting, or partial signals where the scan cannot justify either trust or a stronger warning.
  • Looks legitimate: no structural red flags, available metadata, and clean coordination passes.

Values lens

Use standardEvidence, not pile-ons

Use scans to slow down, inspect public signals, and keep uncertainty visible. Never use them to harass, shame, or flatten people into a verdict.

EvidenceDignityRepairCommon good
source humilityhuman dignityno pile-onsrepair when possible
Fair-use checks
  • What was observed, and what is interpretation?
  • What data is missing, blocked, or confidence-limiting?
  • Would the wording feel fair if it were about someone you care about?
Stable reference

What the post is doing

  • 5 insular accounts (LevelVast3996, reditor_13, Ecsta, Lucas_F_A, and OP No-Mess-8224) only replied within this thread, forming a closed reply ring
  • github.com domain reused across 3+ different accounts (skoon, senrew, ghgi_) in prior Hugin reports — strong cross-report same-operator signal
  • All top comments score 0, suggesting vote-suppression or artificial downvoting within the coordinated group
  • Username overlap pattern: 'LevelVast3996' appears in comments while 'levelvast3996' (lowercase) is in author history with blocked activity — potential account variant masking
  • External domain flagged as appearing in 3+ prior reports under different accounts, consistent with token/resource reuse across a grift network

Automated flags

MEDThis external domain also appeared in prior reports under 3 other accounts

"github.com" was previously logged by Hugin under u/skoon, u/senrew, u/ghgi_. Same external identifier surfacing under multiple Reddit accounts across separate threads is a coordinated-operation pattern.

Evidence

Shared signals

External identifiers (wallets, Telegram/Discord, referral links, promo codes, external URLs, emails) extracted from the post body and comments. Different accounts pointing at the same identifier — inside one thread or across separate reports — is the strongest coordination signal Hugin can show, sourced entirely from public post content.

Also appeared in prior reports under different accounts

Coordination map

Who replied to whom in the scanned comments. Organic threads branch out from the post; accounts that reply back and forth to each other (red links) or hub around one shared identifier (dashed amber) are the structural fingerprints of a coordinated pod. Showing the 22 most connected accounts; 10 peripheral accounts omitted.

u/No-Mess-8… (OP)u/Ecstau/Leanardoeu/LevelVast…u/m00shi_devu/Meme_Theo…u/alOOshXLu/Alzericu/BinaryIRLu/casketfet…u/Deep90u/Dismal_Co…u/Equivalen…u/FlyingDog…u/Jealous_T…u/LOVEORLOG…u/Lucas_F_Au/mochi2realu/ninadpath…u/Ok-Enviro…u/Popeye4242u/Pragmatic…
  • mutual-reply ring member
  • account under 30 days
  • other commenter
  • replied to each other
  • shared identifier

Commenter patterns

Recent public Reddit activity for the OP and selected accounts, plus same-hand writing checks when the stylometry pass runs. These are coverage-limited evidence summaries, not identity or availability claims.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

u/ecstablocked

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

Stylometry

The writing-style pass ran and did not surface same-hand pairs.

Account age coverage

OP and scanned commenters are shown when Hugin recovered profile metadata or an oldest-public-activity age floor. Lower-bound ages are labeled as estimates; unknown age remains missing coverage, not a finding about the account.

Reddit blocked metadata
Reddit blocked metadata
Reddit blocked metadata
u/Ecstaunknown
Reddit blocked metadata
Reddit blocked metadata
Reddit blocked metadata
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
u/Alzericunknown
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
u/Deep90unknown
metadata not attempted after block
u/alOOshXLunknown
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
u/togubaunknown
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block
metadata not attempted after block

Archived evidence

Snapshot of the post and comments at scan time. Preserved here so the evidence survives even if it gets deleted on Reddit.

Post body — by u/No-Mess-8224
submitted by /u/No-Mess-8224 [link] [comments]
Comments captured (38)
  • They can ask meta to get their username and you will lose it.
  • Doesn’t matter anyways - check https://openai.com/research/verify/ it is an AI generated image… rage/click bait OP post trolling… https://preview.redd.it/xz8telhyegah1.jpeg?width=1206&format=pjpg&auto=webp&s=6f08d0457e2d65c6acc1ce79ebf0dbf0c1b5e5f2
  • u/Ecstascore 0
    It's text and an icon how does it know its AI generated?
  • It's explained in the link
  • u/Ecstascore 0
    SynthID is also applied to upscaled/edited images, so its not conclusive proof.
  • In this case it's most likely accurate, OpenAI uses their own version of SynthID with a unique pattern to determine if an image was generated by them. SynthID is just a technology for watermarking images invisibly, embedding a pixel-level ID into the image. However, you can customize that ID so that, for example, all images your website generates has a certain and reliable pattern of pixel information. However, false-positives will happen because randomly generated SynthIDs from elsewhere will eventually line up with that specific pattern by pure chance. But that should be quite rare, and statistically unlikely that any one image is a false-positive. https://help.openai.com/en/articles/8912793-c2pa-and-synthid-in-openai-generated-images
  • [ https://github.com/aloshdenny/reverse-SynthID\\](https://github.com/aloshdenny/reverse-SynthID\) this is for the gemini one but we can assume an alternative for openai exist
  • Why would you upscale a screenshot lol

Original on Reddit: https://www.reddit.com/r/Anthropic/comments/1ujthoc/now_i_can_ask_for_unlimited_tokens_for_my_claude/ — “Now I can ask for unlimited tokens for my claude code :)”

Share this report

Share this link in a Reddit reply when the thread needs supporting evidence. The report stays public so anyone reading the thread can review the data themselves.

Share on X ↗

Reports like this stay free for everyone. Keep Hugin free →

Embed this report
options: ?theme=light · ?compact=1 (80px badge)

Last 90 days

r/Anthropic report pressure

2 reports in 90d.