Skip to content
Hugin
VerdictSock-puppet ring with coordinated skepticism

Suspicious.

The post itself reads authentic, but structural evidence shows coordinated manipulation: two commenters (u/username_tbd18 and u/mtsandeep) share an identical writing fingerprint (skeptical technical interrogation, stacked 'how will/how is' questions, fixation on breach risk), and three aged accounts were reactivated specifically to comment here. This manufactured comment section manufactures false concern to either tank the post or create a false objection pattern for later replay.

r/buildinpublicPosted by u/Jay-z27Original
Sources6/12checked
Flags22 high, 0 med
Work64 limits
People55 histories
Scan shape50% source coverage
High flags2
Medium flags0
Work signals6
Sources checked6
Decision path

Hugin marked this suspicious because at least one meaningful risk signal appeared, but the scan did not reach the stronger likely-scam threshold.

  1. The final verdict text came from the AI verdict engine using the stored structural signal block.
  2. The scan reviewed 6 comments and 5 unique commenter accounts.
  3. Signal count: 2 high, 0 medium, 0 low flags; 4 coordination-class signals.
3 aged accounts reactivated to comment here

An account that sat silent for months and then suddenly wakes up to praise a promotional post is almost always a sold or recovered handle being weaponised for credibility.

JSON
Full evidence trailSources, public checklist, values lens, network map, account coverage, archive, and sharing tools.
Validation protocol

Review before sharing.

Hugin reports are evidence packets, not accusations. Use the rating as a prompt to inspect sources, limitations, and archived material before quoting a claim elsewhere.

The post
Built a web app that automatically finds your subscriptions from Gmail and reminds you before you’re charged. Looking for feedback.
Post age
6.0h
Commenters scanned
5
<7d-old accounts
0 (0%)
Removed comments
0
Median age
3.5y

Source checks

Checked
6
Limited
2
Needs key
0
Total sources
12
checked / thread
Reddit thread snapshotReddit JSON or RSS

9 public comments loaded for r/buildinpublic.

checked / thread
Comment evidence archiveHugin snapshot

Public comment bodies were retained with the report snapshot.

limited / accounts
Author account metadataReddit account about + old Reddit profile + Arctic Shift/PullPush archives

1 author age value was unavailable after Reddit profile JSON, old Reddit profile HTML, and archive fallbacks.

limited / accounts
Recent author historyReddit user activity + old Reddit profile + Arctic Shift/PullPush archives

6 selected author histories checked; 1 unavailable, 2 partial, 5 archive fallback.

checked / coordination
Reply graphHugin graph pass

6 reply edges mapped.

checked / coordination
Writing-style comparisonAI stylometry pass

1 same-hand writing pair surfaced.

checked / coordination
Shared identifiersHugin extractor

0 unique external identifiers extracted.

checked / archive
Prior report matchesHugin report archive

0 prior archive matches returned.

Show your work

Deterministic explanation of the stored scan inputs behind the verdict. This is not hidden model reasoning; it is the evidence checklist Hugin can show publicly.

Verdict path · AI summary

Hugin marked this suspicious because at least one meaningful risk signal appeared, but the scan did not reach the stronger likely-scam threshold.

  1. The final verdict text came from the AI verdict engine using the stored structural signal block.
  2. The scan reviewed 6 comments and 5 unique commenter accounts.
  3. Signal count: 2 high, 0 medium, 0 low flags; 4 coordination-class signals.
  4. The scan crossed the caution threshold, but did not show enough stacked proof for likely scam.

What pushed risk up

riskHIGH flag: 3 aged accounts reactivated to comment here

An account that sat silent for months and then suddenly wakes up to praise a promotional post is almost always a sold or recovered handle being weaponised for credibility.

riskHIGH flag: 1 pair of commenters share a writing fingerprint

Different usernames, same hand. Same idiosyncratic punctuation, filler vocabulary, and clause habits. The most common reason this happens on Reddit is one person running multiple accounts.

  • u/username_tbd18u/mtsandeep — Both use identical rhetorical move of skeptical technical interrogation with stacked questions about data security/encryption; both use 'how will/how is' clause pattern; both fixate on breach risk and local-only requirements; both use 'you are/you think' framing to challenge the OP directly.
riskSame-hand writing signals

1 commenter pair had medium-or-higher stylometry similarity.

  • u/username_tbd18 / u/mtsandeep: high - Both use identical rhetorical move of skeptical technical interrogation with stacked questions about data security/encryption; both use 'how will/how is' clause pattern; both fixate on breach risk and local-only requirements; both use 'you are/you think' framing to challenge the OP directly.
riskRecent account-history pattern

3 author histories showed drop-in, dormant, or cross-promotion behavior.

What limited confidence

uncertainAuthor metadata gap

1 scanned author had unknown account age. Profile metadata remained unavailable for 1 hosted fetch after archive fallbacks. Absence of young-account signals is lower confidence.

What kept the rating lower

cleanNo reply ring detected

Hugin mapped 6 reply edges and did not find a mutual-reply clique.

Limitations
  • 1 author account age was unavailable after profile metadata and archive fallbacks.
  • 5 author age values are a lower-bound estimate from oldest archived public activity, not an official Reddit account-created timestamp.
  • 1 selected author history was unavailable to the scan.
  • Username shape alone is never treated as a finding; it is only context when stronger public signals also appear.
Rating thresholds
  • Likely scam: multiple high-severity signals, prior identifier reuse, or several coordination signals stacking together.
  • Suspicious: one high-severity signal, multiple medium signals, or one concrete coordination signal that deserves review.
  • Inconclusive: weak, conflicting, or partial signals where the scan cannot justify either trust or a stronger warning.
  • Looks legitimate: no structural red flags, available metadata, and clean coordination passes.

Values lens

Use standardEvidence, not pile-ons

Use scans to slow down, inspect public signals, and keep uncertainty visible. Never use them to harass, shame, or flatten people into a verdict.

EvidenceDignityRepairCommon good
source humilityhuman dignityno pile-onsrepair when possible
Fair-use checks
  • What was observed, and what is interpretation?
  • What data is missing, blocked, or confidence-limiting?
  • Would the wording feel fair if it were about someone you care about?
Stable reference

What the post is doing

  • u/username_tbd18 and u/mtsandeep flagged as same-hand writer: identical rhetorical pattern (stacked technical questions, 'how will/how is' clause structure, 'you are/you think' direct challenge framin
  • 3 aged accounts (u/mtsandeep: 6129d dormancy, u/sea-north7215: 30d dormancy, u/obsessed_founder113: brand new 8-item account) reactivated/created to comment within hours
  • All 9 comments score 0 with 0% upvote ratio — suggests vote suppression or manufactured skepticism ring rather than organic feedback
  • u/username_tbd18 posts twice with identical skeptical framing (first two comments) — repetitive sock-puppet pressure
  • u/sea-north7215 and u/obsessed_founder113 share adjacent subs (r/buildinpublic, r/microsaas, r/smallbusiness cluster) consistent with operator-run network

Automated flags

HIGH3 aged accounts reactivated to comment here

An account that sat silent for months and then suddenly wakes up to praise a promotional post is almost always a sold or recovered handle being weaponised for credibility.

Evidence
HIGH1 pair of commenters share a writing fingerprint

Different usernames, same hand. Same idiosyncratic punctuation, filler vocabulary, and clause habits. The most common reason this happens on Reddit is one person running multiple accounts.

Evidence
  • u/username_tbd18u/mtsandeep — Both use identical rhetorical move of skeptical technical interrogation with stacked questions about data security/encryption; both use 'how will/how is' clause pattern; both fixate on breach risk and local-only requirements; both use 'you are/you think' framing to challenge the OP directly.

Coordination map

Who replied to whom in the scanned comments. Organic threads branch out from the post; accounts that reply back and forth to each other or hub around one shared identifier are the structural fingerprints of a coordinated pod. This shows the most significant pattern found, not every commenter.

Commenter patterns

Recent public Reddit activity for the OP and selected accounts, plus same-hand writing checks when the stylometry pass runs. These are coverage-limited evidence summaries, not identity or availability claims.

u/Jay-z2746 items
Last 24h5
Quiet gap147d
Top subreddits
  • r/interviews (7)
  • r/DesiFragranceAddicts (5)
  • r/FresherTechJobsIndia (5)
  • r/buildinpublic (4)
External domains
  • docs.google.com (1)
  • i.redd.it (1)

Reddit blocked the recent-activity fetch from Hugin's scanner during this run. Treat this as missing coverage, not a finding about the account.

u/mtsandeep37 items
Last 24h7
Quiet gap16.8y
Top subreddits
  • r/selfhosted (14)
  • r/obs (7)
  • r/vibecoding (4)
  • r/reddit.com (4)
External domains
  • getadviced.com (4)
  • i.redd.it (1)
  • v.redd.it (1)
Last 24h7
Quiet gap30d
Top subreddits
  • r/motorcyclegear (4)
  • r/lawnmowers (4)
  • r/smallbusinessUS (2)
  • r/buildinpublic (2)
External domains
  • v.redd.it (1)
  • i.redd.it (1)
u/obsessed_founder1138 items · partial

Reddit returned only part of this account's recent public activity during the scan.

Last 24h8
Quiet gap4h
Top subreddits
  • r/buildinpublic (4)
  • r/micro_saas (3)
  • r/microsaas (1)
u/cssword7 items · partial

Reddit returned only part of this account's recent public activity during the scan.

Last 24h1
Quiet gap134d
Top subreddits
  • r/SaaS (3)
  • r/buildinpublic (1)
  • r/pdf (1)
  • r/esp32 (1)
Stylometry
  • u/username_tbd18 / u/mtsandeep high confidence - Both use identical rhetorical move of skeptical technical interrogation with stacked questions about data security/encryption; both use 'how will/how is' clause pattern; both fixate on breach risk and local-only requirements; both use 'you are/you think' framing to challenge the OP directly.

Account age coverage

OP and scanned commenters are shown when Hugin recovered profile metadata or an oldest-public-activity age floor. Lower-bound ages are labeled as estimates; unknown age remains missing coverage, not a finding about the account.

oldest archived public activity
u/csswordat least 300d
oldest archived public activity
u/Sea-North7215at least 331d
oldest archived public activity
u/Username_TBD18at least 6.1y
oldest archived public activity
u/mtsandeepat least 17.4y
oldest archived public activity
u/Jay-z27OPunknown
Reddit blocked metadata

Archived evidence

Snapshot of the post and comments at scan time. Preserved here so the evidence survives even if it gets deleted on Reddit.

Post body — by u/Jay-z27
I kept forgetting free trials and subscription renewals. The reminder would be buried in Gmail or an app notification, and I’d only remember after the payment had already gone through. So I spent the last few weeks building a small side project called Subwise . It: 📩 Connects to Gmail (read-only) to automatically detect subscriptions, EMIs and recurring payments. 💬 Sends WhatsApp reminders before they’re due. ✍️ Lets you add recurring payments manually if you don’t want to connect Gmail. The goal isn’t to replace budgeting apps it’s simply to make recurring payments easier to keep track of. I’m currently in Google OAuth testing mode , so Gmail scanning only works for users I’ve explicitly added as test users. If you’d like to try it, leave a comment or send me a DM with the Gmail account you’d like to use, and I’ll add you to the testing list. If you’d rather not connect Gmail, you can still sign up and use the manual mode. I’d love honest feedback on what’s confusing, what’s broken, and what you’d improve.
Comments captured (9)
  • So you think that people, instead of using budgeting apps or manual reminders, will instead let AI read all their emails?
  • u/Jay-z27score 0
    Fair question. The Gmail integration is completely optional . It’s read-only and only used to detect recurring subscriptions and e-mandates, Without Gmail, you can still add recurring payments manually. The Gmail integration simply removes the most manual effort and keeps everything up to date automatically. The core question I’m trying to answer is whether that convenience provides enough value to opt in. Feedback like yours is exactly what I’m looking for.
  • But if they need to enter the information manually, there’s other options already around. So the only real USP is a massive data breach waiting to happen. Sorry if that’s harsh, but that’s what it seems to me. Unless you can guarantee that this is all local-only and no data leaves the users device?
  • u/Jay-z27score 0
    One thing I probably didn’t explain well is how the Gmail integration actually works. Subwise first looks for payment-related emails (using signals like the sender and subject) to identify potential recurring payments. It then processes only those relevant emails to confirm they’re actual subscriptions or recurring charges not things like promotional emails. Once a recurring payment is identified, I don’t store the email itself . I only store the structured information needed for the product to work, such as the service name, amount, renewal date, and your reminder preferences. The full email content isn’t retained in the database. Also, Gmail isn’t really the product, it’s just the easiest way to get started. If someone doesn’t want to connect Gmail, they can add recurring payments manually and still receive WhatsApp reminders, which is the part I’m actually trying to solve. My hypothesis is that a WhatsApp reminder is much harder to miss than another email or app notification buried in your inbox. That said, I completely understand that granting inbox access is a high bar for some people. If enough people feel the convenience isn’t worth that trade-off, that’s valuable feedback for me and something I need to improve.
  • You are saying that you are only reading relevant emails, how will users believe that, is your code open-source self hostable? Also even if you dont store all email info, the structured info is enough to be stressful that a database breach will expose. How is database secured? Is data encrypted on rest? Is it end to end encrypted?
  • u/Jay-z27score 0
    website- subwise.co.in
  • interesting. one question if you dont mind, have you run into issues with services that barely send emails or change their sender all the time??
  • The WhatsApp angle is clever since most people actually check those messages, but you might see better retention if you let users snooze reminders instead of just deleting them, since plenty of subscriptions get paused rather than cancelled. Also worth testing whether people want reminders 7 days out versus 3 days out, because the optimal timing probably varies wildly depending on whether someone's checking credit card statements weekly or monthly.

Original on Reddit: https://www.reddit.com/r/buildinpublic/comments/1ulwnbs/built_a_web_app_that_automatically_finds_your/ — “Built a web app that automatically finds your subscriptions from Gmail and reminds you before you’re charged. Looking for feedback.”

Share this report

Share this link in a Reddit reply when the thread needs supporting evidence. The report stays public so anyone reading the thread can review the data themselves.

Share on X ↗

Reports like this stay free for everyone. Keep Hugin free →

Embed this report
options: ?theme=light · ?compact=1 (80px badge)

Last 90 days

r/buildinpublic report pressure

6 reports in 90d.