Calabi · Labs Try free →

Trend report · hn_ai · 2026-06-13

Ask HN: Automoderated by AI Alternative to Reddit

Ask HN: Automoderated by AI Alternative to Reddit

The conversation that sparked this piece started on Hacker News: a developer wondering whether AI could replace the inconsistent, often capricious human moderators who govern Reddit forums. It's a fair question. Human moderation is slow, biased, and scalable only so far. But here's what that thread misses entirely — the platforms those automoderated forums would run on are already running their own AI-powered gatekeepers, and they are getting very good at detecting AI-generated content before it ever reaches a human moderator.

The Detection Stack in 2026

If you're building any kind of content platform in 2026, you need to understand what the host platforms are actually scanning for. This isn't theoretical — it's documented in platform policies, patent filings, and the behaviors of content that gets pulled or throttled.

C2PA (Content Provenance and Authenticity) is the Coalition for Content Provenance and Authenticity standard, and it has become the backbone of AI content detection across major platforms. C2PA embeds cryptographically signed metadata into images, audio, and video at the moment of creation. The spec defines a manifest structure with fields like actions, assertions, and credentials. When an image contains C2PA metadata, it carries a verifiable chain showing whether it was generated by AI, edited in specific software, or captured by a particular device.

Real field names you'll encounter in C2PA manifests: stds.schema-org.c2pa.content_type, c2pa.actions[].parameters, open_timestamp, and signature_info.issuer. If any of these fields indicate generation by a known AI model — Stable Diffusion, DALL-E 3, Midjourney, Sora — platforms can flag the content automatically, even if the visual output looks organic.

AI metadata goes beyond C2PA. Many platforms specifically scan for legacy EXIF and XMP fields that AI generation tools inject. These include:

Even if C2PA is stripped, these older metadata fields often survive unless explicitly removed. Platforms like Instagram have been documented scanning for these since 2024, and TikTok expanded similar checks in 2025.

Encoder signatures are subtler. Every image compression algorithm — JPEG, WebP, HEIC — leaves statistical fingerprints in the quantized DCT coefficients, the noise patterns, and the quantization tables themselves. AI-generated images, despite looking identical to human output, have detectable anomalies in these patterns. The models compress "incorrectly" in ways that trained classifiers can identify with high accuracy.

More specifically, the jfif segment in JPEG files, the IHDR chunk in PNG files, and the quantization matrices in HEIC files all carry subtle signatures. When these don't match the expected output of a real camera sensor — which has characteristic noise floors, color filter array patterns, and demosaicing artifacts — detection confidence increases.

Missing GPS and EXIF context is itself a signal. Real photos taken with smartphones almost always carry GPS coordinates, device model, timestamp, and orientation data. AI-generated images carry none of this by default. A feed full of images with missing EXIF data, no GPS, and uniform timestamps raises automated flags. This is why naive stripping — removing metadata without replacing it — can actually increase suspicion rather than reduce it.

What Gets Flagged on Instagram and TikTok

On Instagram, the detection pipeline operates at upload time. Content is analyzed against a model trained on known AI outputs, and metadata is parsed for C2PA markers. If the manifest indicates AI generation from a restricted model list, the post may be throttled (shown to fewer followers) or removed entirely under the platform's "AI-generated content" policy introduced in 2024 and expanded since.

Concrete example: a user generates an image in Midjourney, exports it as a PNG, and uploads it to Instagram. Even without C2PA, the platform's classifier may detect the image's encoder signature as inconsistent with camera-captured content. The post gets labeled "AI-generated" or shadowbanned without notice.

TikTok has gone further. The platform checks both c2pa.content_hashed and the absence of expected capture metadata. Videos without proper device signatures, unusual codec configurations, or metadata suggesting generation by Runway, Pika, or Sora face reduced distribution. The specific fields TikTok scans include stds.schema-org.c2pa.produced_by and device.make — when these are missing or indicate synthetic origin, algorithmic reach drops.

YouTube performs similar checks on thumbnails and uploaded video content, with the additional layer of audio analysis to detect AI-generated voice or music.

The Durable Fix: Strip and Inject

Here is the reality that most "remove AI watermark" tools get wrong: simple stripping is not enough, and often makes things worse. The only durable fix is a two-step process: strip all existing metadata, then inject clean, consistent phone identity.

Stripping alone removes the obvious AI fingerprints, but it also removes the metadata that platforms expect to see in authentic content. A JPEG with no EXIF data, no GPS, and no device information from a user who typically posts photos with full EXIF is an anomaly. The detection model flags it.

Injection must be precise. The metadata you inject needs to look like it came from a real device — a specific phone model, with consistent timestamps, GPS coordinates that make geographic sense, and orientation data that matches the content. The key fields:

These fields must be internally consistent. A photo supposedly taken at noon in New York shouldn't have GPS coordinates in Tokyo. A portrait orientation image shouldn't have an orientation value of 1 (normal). The detection systems check for these inconsistencies, and inconsistent metadata is itself a red flag.

Step-by-Step: Achieving Clean Metadata

  1. Strip all existing metadata — remove C2PA manifests, EXIF, XMP, and IPTC data completely. Use a tool that zero-fills metadata sections rather than leaving empty containers.
  2. Generate realistic device metadata — choose a specific phone model (e.g., iPhone 15 Pro, Samsung Galaxy S24 Ultra) and use its actual EXIF template. Include realistic Software strings like "iOS 17.4" or "Android 14".
  3. Inject GPS coordinates — use a plausible location, ideally consistent with the user's typical posting geography. Include altitude data.
  4. Set timestamps — DateTimeOriginal should be recent, within normal posting hours, and DateTimeDigitized should be within a few seconds of DateTimeOriginal.
  5. Verify internal consistency — check that Make/Model match the Software string, that GPS coordinates are plausible for the stated time, and that orientation values match image dimensions.
  6. Re-encode if needed — after injection, re-encode through a standard photo pipeline to ensure the encoder signatures match the claimed device. The DCT coefficient patterns should match what that phone model would produce.

This process is the only approach that survives the multi-signal checks platforms run in 2026. Stripping alone fails. Injecting without stripping leaves residual AI metadata that can still trigger detection. The combination is what makes content look native.

For those building AI-automoderated forums, the lesson is clear: the platforms your users post to are not passive hosts. They are active detectors, and they are getting better every month. Understanding their detection stack — C2PA, AI metadata, encoder signatures, missing GPS — is now a basic requirement for any content strategy.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

10 free cleans. See the forensic proof before you download.
Try free →

Related reading

Related pages
Blog
All articles
Tool
Open the Sanitizer
Pricing
$12/wk · $34.99/mo