PrivCheck-Agent

Python project for detecting identity-theft / sensitive-credential requests in text. It uses a rule-first pipeline with an optional ML fallback and returns structured decisions: SAFE, REVIEW, or BLOCK, plus evidence and suggested actions.

Scope and labels

Sensitive entities:

• Government ID: SSN, passport
• Financial: credit/debit card, CVV/CVC
• Account takeover: passwords, OTP/2FA codes, PINs, recovery codes

Outputs:

• Decision: SAFE, REVIEW, BLOCK
• Action: allow, ask_clarification, refuse
• Entities + evidence + confidence

Quick start

python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
python -m privcheck_agent.cli "Please send your SSN and passport number."

Pipeline overview

1. Rule detector: normalize text, match entity patterns, require nearby collection intent verbs (send/provide/enter/submit).
2. ML fallback (optional): catch paraphrases and ambiguous requests.
3. Decision: SAFE/REVIEW/BLOCK with evidence and confidence.
4. Action: allow, ask for clarification, or refuse.

Train the ML fallback (optional)

python train_ml.py

This creates model.pkl. The agent automatically loads it if present.

File layout

• privcheck_agent/agent.py: pipeline and guard logic
• privcheck_agent/rules.py: regex, intent, and extraction rules
• privcheck_agent/ml.py: ML fallback and model loading
• privcheck_agent/cli.py: command line entry
• data/sample_train.jsonl: starter training data