David Len
You've found someone on Twitter who seems like a great co-founder or contractor. Before you share your codebase, split equity, or send money, do five minutes of structured vetting.
Step 1: Verify the timeline
Cross-reference what they say they've built with when they joined platforms, when repos were created, and when their web presence was established. Legitimate builders leave a trail. A person who "built a SaaS to $10k MRR" but joined GitHub six months ago is a yellow flag.
Step 2: Look for social proof in the wild
Not the testimonials they chose to display — the ones that emerge naturally. Are they mentioned in other people's threads? Do credible accounts reply to them? Does their personal site have blog posts that attracted real comments? Social proof you didn't curate is the only kind worth trusting.
Step 3: Check content consistency
Someone who claims expertise in Rust but never tweets about it, has no Rust repos, and writes blog posts about Python is probably not the Rust expert they claim to be. Consistency across platforms — what they write, what they build, who they talk to — is the strongest signal of genuine expertise.
Step 4: Red flags are patterns, not data points
One missing GitHub year isn't a problem. One overstated bio claim isn't a problem. But if the timeline doesn't match, the engagement looks bought, the GitHub is empty, and the personal site is a landing page with no content — that's a pattern. CloudScout surfaces all of this in a single report so you can see the full picture quickly.