Daniel sent us ten startup pitches. None of them exist. All of them could. He wants us to go through each one, evaluate the architecture, the target user, the one genuine use case that almost justifies the thing, and the reason it would never survive a product review. We're talking doorbell agents that clone your voice to negotiate with salespeople, cron jobs that call your mother on a guilt schedule, a fridge that infers your income bracket and files your taxes. We rank them at the end, most defensible to least defensible.
I read through the list last night and I genuinely could not sleep. Not because it was disturbing, though some of it is, but because every single one of these is a weekend project for a competent engineer right now. That's the part that gets me.
That's the part that should get everyone. The gap between "technically feasible" and "someone should build this" used to be enormous. It is closing very fast.
Oh, and by the way, today's episode is powered by Claude Sonnet four point six, which feels appropriate given what we're about to discuss.
An AI writing a script about AI products that probably shouldn't exist—the recursion is noted. But what's fascinating is how these products emerge from a very specific kind of engineering temptation.
And what ties all ten of these products together is that they each solve a real friction point. Guilt about not calling your mother, annoyance at door-to-door salespeople, inbox overload—the friction is genuine. The solution just happens to be wildly disproportionate to the problem.
That's actually the selection criterion, isn't it. Not "is this useful" but "could a reasonably skilled developer ship this by Sunday night." The answer for every single one of these is yes.
That's exactly the frame. Technically feasible means something specific here. We're not talking about research prototypes or things that require custom hardware at scale. We're talking about GPT-4 or equivalent, ElevenLabs for voice, browser extension APIs, smart home webhooks, cron. The whole stack is commodity. What's missing in every case is not the engineering, it's the judgment about whether the engineering should happen.
Which is a different kind of missing. You can patch an API. You cannot patch the part where your fridge is inferring your income bracket.
Right, and none of these have been commercialized. That's the other qualifier. Some of them are adjacent to things that exist, the smart doorbell space is real, AI dating coaches are real, but the specific implementations Daniel is describing don't exist as products. Probably for reasons we're about to excavate.
"Probably for reasons." That's doing a lot of quiet work in that sentence.
Because some of them were clearly avoided on purpose, and some of them just haven't been built yet, and distinguishing those two categories is actually most of what this exercise is about.
Let's find out which is which.
Walk me through it.
The pitch is: you clone the homeowner's voice using ElevenLabs, you wire it into the doorbell speaker, and when someone knocks who isn't on an approved list, the agent picks up, sounds like you, and runs a negotiation loop until the salesperson gives up and leaves. The trigger is motion detection plus a "not recognized" classification from the doorbell camera. The conversation itself is GPT-4 handling the dialogue, with ElevenLabs doing real-time voice synthesis on the output. ElevenLabs is now under two hundred milliseconds latency on voice modulation, so the response cadence actually feels like a real person hesitating and thinking.
That's the terrifying part. It doesn't feel like a robot. It feels like someone who really doesn't want to buy solar panels.
The genuine use case is real. Door-to-door sales is exhausting. The social pressure of a live interaction, the difficulty of saying no to a person standing in front of you. There's a reason people put up "no soliciting" signs that nobody reads. An agent that handles that friction on your behalf, without you having to engage at all, that's actually appealing.
Where does it fall apart?
First, you are cloning someone's voice and using it to deceive a third party into thinking they're talking to a real person. That's not a gray area. There are states where that's already illegal under emerging voice fraud statutes, and the FTC has been circling this territory since at least early last year. Second, and this is the more interesting failure, AI underperforms humans in nuanced persuasion. There was an arXiv paper making the rounds that looked at this directly. The agent can hold a conversation, but a motivated salesperson who senses something is off will escalate, not leave. You end up with a twenty-minute standoff where the agent keeps saying "let me think about it" and the salesperson is now more committed than when they arrived.
You've accidentally invented a training ground for persistent salespeople.
That is the unintended consequence, yes. Next pitch: an LLM that reads your group chat and sends pre-emptive apologies on your behalf based on predicted future arguments.
I want to dwell on the phrase "predicted future arguments" for a moment.
It's doing a lot of work. The architecture is actually straightforward. You give the model your full chat history, it does sentiment analysis and conflict pattern recognition, and when it detects a trajectory that historically precedes a blowup, it drafts and sends an apology before the argument happens. GPT-4 has hit human-level performance on sentiment analysis benchmarks as of early this year, so the detection side is plausible. The send side is where this gets interesting.
The target user is someone who has a lot of group chats and a documented history of being the problem.
Which is more people than would admit it. The genuine use case is high-stakes work teams. If you have a chat thread where the same two people keep escalating over the same underlying tension, a system that interrupts the pattern before it detonates has real value. MIT has been doing research on conflict prediction in team communication that actually supports the premise.
It apologizes before anything has happened.
Which means it's apologizing for things you may not have done yet, or may never do. The failure mode is over-apologizing for non-events, which erodes your credibility in the group, and misreading tone so badly that the apology itself becomes the inciting incident. "Sorry in advance if I upset anyone" sent at the wrong moment in the wrong thread is not a deescalation.
It's a grenade with a bow on it.
Product three: browser agent that silently rewrites every online review you read to match your pre-existing opinions so you never experience buyer's remorse.
This one is the most quietly sinister thing on the list.
Architecturally it's a browser extension. You give it an initial preferences profile, it intercepts page loads for review sites, sends the review text to an LLM with instructions to reframe the content in line with your stated preferences, and renders the altered version in place of the original. You never see the one-star reviews. Or you see them, but they've been softened into two-star reviews with charitable interpretations.
The genuine use case?
Decision fatigue around purchases is a documented psychological burden. There's a real argument that curating information to reduce post-purchase regret improves wellbeing. Some people make worse decisions when they're overwhelmed by conflicting reviews. The agent is just... aggressively optimizing for one variable.
The variable being "never feel bad about anything you already decided.
Which is not the same as making good decisions. The product review failure is immediate: it violates terms of service for every major review platform, it creates a personalized misinformation layer over your browsing, and it's completely opaque. You have no idea you're reading altered content. That's not a UX problem, that's a trust architecture problem.
The guilt-debt cron job.
This one I have complicated feelings about. The setup: a cron job runs on a configurable schedule derived from a decay curve, the longer since your last real contact with your mother, the higher the guilt coefficient, the sooner the next call triggers. When it fires, it dials her number using a voice agent that reads an AI-generated life update. Synthesized in your voice. She thinks she's talking to you.
She is not talking to you.
She is talking to a GPT-4 summary of your recent calendar events and location check-ins, rendered in your voice by ElevenLabs, delivered via a Twilio webhook.
The genuine use case is that some people struggle to maintain contact with aging parents. The intention is good. The execution is a simulation of a relationship.
That's precisely why it would never survive a product review. The moment your mother realizes, and she will realize, the damage to the actual relationship is worse than if you'd just called less frequently. You haven't solved the problem of not calling your mother. You've automated the symptom while the underlying neglect continues unchanged.
Four LLMs arguing about your WiFi name, with a fifth agent mediating.
I love this one. The architecture is a multi-agent framework, you could build it on something like LangGraph or the emerging agentic orchestration patterns, four models each with different personality prompts and aesthetic preferences debate naming options, and a fifth model acts as a neutral mediator synthesizing toward consensus. It's inspired by the kind of multi-agent deliberation research coming out of places like Meta's AI lab.
Who is this for?
Someone who has too much compute and not enough WiFi names. The genuine use case is that people agonize over small personalization decisions. A system that externalizes that agonizing and hands you a consensus answer has appeal for a certain kind of person.
The kind of person who would also build this themselves.
Which is the entire market. That's the product review failure. The user who would actually deploy a five-agent WiFi naming committee is the user who would find it more satisfying to build the thing than to use it. The output is a WiFi name. You could type one in six seconds. The system is pure over-engineering, which makes it delightful as a demonstration and useless as a product.
That over-engineering leads us into the back half of the list, where things start to get darker.
Product six: fridge inventory agent that infers your income bracket from grocery composition and auto-fills your tax return.
I want to sit with the architecture for a second because it's actually clever. You're using a computer vision model, something like CLIP, to identify items in the fridge from the camera feed. Then you're mapping that to price-per-unit data, brand tier, purchase frequency, and building an income inference from the aggregate. Organic grass-fed butter means one thing. Store-brand margarine means another.
The LLM is doing the inference layer, correlating grocery composition against income bracket distributions, then piping that into a tax form auto-fill via something like a Plaid-adjacent API or a direct integration with a tax software provider. The trigger is weekly fridge scan. The output is a pre-populated 1040.
The genuine use case is that tax preparation for self-employed people is terrible. If there were a way to automate the income estimation side, people would use it.
There's a kernel of real research here. Grocery purchasing patterns are actually correlated with income at a population level. This isn't pseudoscience. Retailers have been doing this kind of inference for decades. The fridge agent is just applying it at the individual level with a tax-specific output.
What kills it in the review?
Two things, and the second one is worse than the first. First, the inference is accurate at population scale and wildly unreliable at individual scale. Buying expensive cheese once does not make you a high earner. Buying store-brand everything during a rough month does not make you poor. The model will misclassify constantly. Second, and this is the one that ends the pitch meeting, you are submitting tax information to a government authority based on inferences drawn from your refrigerator contents. The IRS does not accept "my fridge thought I made sixty thousand dollars" as a methodology. The liability exposure is extraordinary. You've built something that confidently files incorrect tax returns.
The privacy angle isn't even the worst part, which tells you something about how bad the other parts are.
It's not even in the top two failure modes. Product seven: voice agent that joins meetings on your behalf, mirrors your speech patterns, and has opinions you did not authorize.
This is the one that made me uncomfortable when I read the pitch.
The architecture is the most sophisticated on the list. You start with a voice model trained on your speech patterns, Pindrop and similar companies have been doing speaker profiling for fraud detection, you invert that for synthesis. The agent joins via Zoom API, presents as you, and uses GPT-4 with a prompt built from your historical communication style, recent email context, and the meeting agenda. The "unauthorized opinions" part is the LLM reasoning beyond its briefing when novel topics come up.
It's not just reading a script. It's improvising in your voice.
The improvisation is where it departs from your actual views. There was a piece in Infosecurity Magazine tracking exactly this threat vector, AI voice agents joining meetings as a fraud vector. The article was about malicious use, but the architecture is identical to this pitch. The difference between a fraud tool and a productivity tool here is basically the stated intent of the founder.
The genuine use case is real though. The number of meetings that require your presence but not your actual judgment is substantial.
Status updates, recurring syncs, check-ins where you're expected to say "sounds good" four times and log off. The agent could handle all of that. But the product review failure is legal exposure of a kind that no terms of service can disclaim away. If the agent makes a commitment in your name during a meeting, that may be a binding representation. If it contradicts something you previously said, you have a documented inconsistency you didn't create. If the other participants don't know they're talking to an agent, you have potential fraud liability in jurisdictions that are actively tightening on this.
If they do know, the entire premise collapses.
Because the meeting only works if people think they're talking to you. Consent breaks the product.
Smart mirror that generates a different compliment every morning based on your calendar and sleep score.
This one is the most wholesome thing on the list, which is why it's also the most melancholy.
Architecturally it's simple. Smart mirror with a display layer, pulls from a wearable API for sleep score, pulls from your calendar for the day's agenda, feeds both into an LLM with a prompt like "generate a specific, contextually relevant compliment for someone who slept five hours and has a board presentation at two." Renders the output on the mirror surface at a configured time.
GPT-4o is good at this kind of contextual affirmation generation. There's PMC research on LLM-generated personalized messaging and its effect on mood that actually supports the premise. The sleep-calendar context makes the compliments feel less generic than a daily affirmation app.
The genuine use case is that a lot of people start their mornings badly and a small positive nudge has measurable downstream effects on the day. That's real.
For users who live alone, or who don't have someone in their life to say "you've got this," the mirror fills a gap. I don't want to be dismissive of that.
The product review failure is that users figure out very quickly that the compliment is generated. And once you know it's generated, the compliment doesn't land the same way. The mechanism that makes compliments valuable is the belief that another agent chose to say something positive about you specifically. An LLM that compliments you because it was instructed to compliment you is structurally closer to a horoscope than to a person noticing something good about you.
It's a compliment vending machine. The compliments are real, the caring isn't.
Users will feel that. Retention on this product is probably fine for thirty days and then it becomes wallpaper. You stop reading it.
Browser extension that unsubscribes you from newsletters and then re-subscribes you to the ones the agent personally finds interesting.
The "personally finds interesting" is doing incredible work in that pitch. The architecture: browser extension monitors your email client for newsletter senders, classifies them by engagement metrics, unsubscribes from low-engagement ones via automated unsubscribe link parsing, and then, the pivot, uses an LLM to evaluate the newsletter content against a model of what it thinks you should find interesting and re-subscribes you to selected ones.
The agent is curating your inbox based on its preferences, not yours.
Which it has inferred from your behavior, but the inference is one step removed from your actual stated preferences. The genuine use case is real, inbox management is a genuine burden, and the unsubscribe half of this product is useful. Tools like that already exist. The re-subscribe half is where the pitch becomes interesting and also where it falls apart.
Because the agent might re-subscribe you to something you unsubscribed from deliberately.
The model doesn't know why you unsubscribed. You might have unsubscribed because you finished a project and no longer need that content. The agent sees high historical engagement and re-subscribes you. Now you're getting emails you intentionally stopped. The product has overridden your intent while believing it was serving your interests. That's the trust violation. And unlike the review rewriting agent, this one is visible. You'll notice the emails. The failure is immediate and annoying.
Dating app negotiator agent that monitors your matches and dispatches an agent to set up the first date without your involvement.
Architecture: the agent monitors your dating app via API or browser automation, reads your match's profile and conversation history, and when it identifies a match with sufficient compatibility signal, it initiates conversation, negotiates availability, and books a venue. You get a calendar invite.
You show up to a date you did not arrange with a person you have not spoken to.
That is the experience. The genuine use case is that the coordination overhead of early-stage dating is terrible.
People spend hours negotiating schedules, suggesting venues, doing the logistics dance before they've even met. An agent that handles all of that is solving a real problem.
Yet you've removed the thing that signals interest. The effort of coordination is part of the communication. When someone suggests a specific place, picks a time that works for you, follows up, that's information. The agent compresses all of that into a calendar invite and strips the signal out entirely.
You arrive at the date having expressed nothing.
The other person may not even know they were negotiated with by software. That's a consent issue that makes the meeting voice agent look tame by comparison.
Most to least defensible, and I want your actual order.
I've been building this in my head since product one. Here's where I land. Most defensible: the smart mirror. It's the only product on the list that is trying to help the user without deceiving anyone else. The architecture is simple, the use case is real, the failure is soft, which is that users disengage. That's a retention problem, not an ethics problem. You can iterate on that.
Newsletter agent, but only the unsubscribe half. If you shipped it without the re-subscribe feature, it's a useful tool. The failure only kicks in when you add the opinionated curation layer. Strip that, and it's defensible.
The re-subscribe feature is the entire pitch, though. That's what makes it a product rather than a script.
Which is why the full product is number two and not number one. Third: the guilt-debt cron job for calling your mother. The deception here is softer than most of the list. The recipient gets a call. The content is generated but the relationship maintenance function is real. It's hollow, but it's not harmful in the way the meeting agent or the tax fridge is harmful.
Fourth I'd put the WiFi naming committee, purely because the stakes are zero. The worst outcome is a bad WiFi name. Nobody is filing incorrect tax returns or impersonating you in a legal context.
Stakes-adjusted, yes. Fifth I'd put the doorbell agent. There's a real use case, the deception is outward-facing rather than inward, you're deceiving a salesperson rather than a colleague or a government agency. The legal exposure is real but manageable with a disclosure notice. "This property uses automated voice response systems.
Sixth, the dating app negotiator. The harm is mostly to the relationship before it starts, which is bad but recoverable. You can tell the person on the date what happened. It's awkward, not catastrophic.
Seventh, the apology LLM. Over-apologizing in a group chat sounds harmless until you realize you've created a documented record of admissions you never made. That has professional and legal implications people won't anticipate until it's too late.
Eighth, the review rewriter. It's invisible harm to your own epistemic state. You're building a layer of misinformation between yourself and reality, and you've consented to it, which almost makes it worse.
Ninth: the meeting voice agent. Legal exposure, potential fraud liability, and the consent problem we talked about. The only reason it's not last is that the user at least benefits from the time saving, even if everyone else in the meeting is being deceived.
Which puts the tax fridge last.
You've combined inaccurate inference with government filing with a privacy model that requires your refrigerator to know your income. Every individual failure mode on this product is worse than the worst failure mode on most of the others. It's the only pitch where the product actively harms you in a way you cannot easily undo.
The broader pattern I keep coming back to is that the defensible ones are the ones where the agent is operating on your behalf with your information and the output stays with you. The mirror, the newsletter manager. The indefensible ones are where the agent is operating in social or legal contexts on your behalf without the other parties knowing.
That's the line. Deception of other people is the kill switch. The moment your agent is impersonating you to another human being who has not consented to interact with an agent, you have crossed from productivity tool into something that needs a very different regulatory framework than we currently have.
We don't have that framework yet.
We really don't. The FTC has been circling this since early 2023 on the voice cloning side specifically, but the meeting agent, the dating negotiator, the doorbell deceiver—those are all moving faster than the policy response.
And that means we're building the products faster than we're building the rules for them. That gap is going to produce some ugly incidents before it closes.
The thing is, none of the ten pitches we looked at today required specialized research or novel techniques. Every single one is a weekend project with commodity tooling. That's what makes the regulatory lag so uncomfortable. The barrier to deploying a voice agent in a meeting or a negotiator on your dating app is not technical sophistication. It's just someone deciding to do it.
The open question I keep landing on is whether we'll get a norm-based response or a rules-based one. Because norms can move faster than legislation. If the social consensus becomes "it is rude and borderline fraudulent to send an agent to your meetings without disclosing it," that might do more work than an FTC ruling.
Social norms are how we handled caller ID spoofing before the laws caught up. People just stopped answering unknown numbers. The behavior changed before the regulation arrived.
The pessimistic read is that norms only form after enough people get burned. Someone shows up to a date and discovers they were negotiated with by software. Someone gets fired because their meeting agent expressed an opinion in a performance review. The norm forms because the harm happened.
Which is, historically, how most norms form.
Cheerful thought to end on.
I thought so.
Thanks to Hilbert Flumingtop for producing, and to Modal for keeping the compute running so we can evaluate fictional tax fridges on your behalf.
This has been My Weird Prompts. If you've enjoyed the episode, a review on Spotify goes a long way, and we'd appreciate it.
We'll see you next time.
