v0.3.0

TrustBot v0.3.0

First release of the V2 investigation flow.

What's new

• Added V2 investigation endpoints:
  • POST /v2/investigations/analyze
  • GET /v2/investigations/{investigation_id}
  • POST /v2/investigations/{investigation_id}/artifacts
• Added persisted V2 investigations, artifacts, and evidence with SQLite-backed local storage
• Added weighted V2 decisioning with RISKY, NEED_MORE, and LIKELY_SAFE
• Added provider-based evidence collection on top of existing V1 heuristics
• Added heuristic impersonation and domain-reputation checks
• Added automatic URL extraction from text into derived V2 link artifacts
• Added tools/demo_v2.py for local V2 testing
• Added regression tests and golden-case fixtures
• Updated README and added CHANGELOG.md

Validation

• python -m pytest
• 4 passed

Notes

• V2 is still heuristic-first and intentionally conservative
• LIKELY_SAFE remains rare by design
• Impersonation and reputation checks are currently lightweight and rule-based

Quick start

python -m venv .venv
.\.venv\Scripts\python.exe -m pip install -r requirements.txt
.\.venv\Scripts\python.exe -m uvicorn app.main:app --reload

Try V2:

.\.venv\Scripts\python.exe tools\demo_v2.py --text "URGENT: Your KYC is pending. Click https://bit.ly/verify-kyc and share OTP now."

TrustBot v0.2.1 — README polish + sample output

What’s new

README rewritten for clarity: risk-first goal, quickstart, and cleaner structure

Added PowerShell-friendly examples for text/link/image/PDF analysis

Added sample output JSON (RISKY case) and guidance on interpreting results

Added non-affiliation disclaimer (WhatsApp/Meta) + “SAFE is rare” semantics explanation

Notes

The bot is intentionally optimized for forwarded suspected spam/scam content; most messages resolve to RISKY or UNSURE.

Link expansion/provenance checks may vary over time depending on live redirect destinations.