SHADOW / README.md
kwisdomk's picture
feat: initial SHADOW deployment
da79e97
|
Raw
History Blame Contribute Delete
4.96 kB

A newer version of the Streamlit SDK is available: 1.58.0

Upgrade
metadata
title: SHADOW Kenyan Fraud Intelligence
emoji: πŸ›‘οΈ
colorFrom: red
colorTo: gray
sdk: streamlit
sdk_version: 1.35.0
app_file: app.py
pinned: false

SHADOW β€” Kenyan Fraud Intelligence System

AMD Developer Hackathon 2026 Β· Agentic AI Track

Project Overview

Shadow is an advanced OSINT + LLM Hybrid Agentic Pipeline designed specifically to detect, analyze, and neutralize Kenyan-specific mobile fraud vectors. The system mitigates the impact of localized scams such as M-Pesa reversal fraud, Fuliza exploitation, KRA impersonation, and betting-related phishing.

Shadow solves the "Data Cold Start" problem by employing a hybrid architecture: it merges deterministic Open Source Intelligence (OSINT) with an explainable, multi-agent Large Language Model (LLM) pipeline. This ensures highly accurate classification, context-aware reasoning, and actionable mitigation strategies tailored to the Kenyan demographic, including support for English, Swahili, and Sheng dialects.

Architecture Diagram

[ Incoming SMS / Message ]
           β”‚
           β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  OSINT Intelligence Layerβ”‚
β”‚  (core/osint_dataset.py) β”‚
β”‚  - Deterministic Check   β”‚
β”‚  - Keyword Matching      β”‚
β”‚  - Scam Taxonomy Mapping β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
           β”‚
           β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  Agent Pipeline Engine   β”‚
β”‚  (agents/pipeline.py)    β”‚
β”‚                          β”‚
β”‚  1. Language Agent       β”‚
β”‚  2. Threat Agent         β”‚
β”‚  3. Risk Agent           β”‚
β”‚  4. Action Agent         β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
           β”‚
           β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  AMD vLLM / Qwen Bridge  β”‚
β”‚  (core/llm_client.py)    β”‚
β”‚  - Context Injection     β”‚
β”‚  - Reasoning Engine      β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
           β”‚
           β–Ό
[ Explainable JSON Output & Execution Log ]
           β”‚
           β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  Streamlit Live Dashboardβ”‚
β”‚  (app/main.py)           β”‚
β”‚  - Real-time Analysis UI β”‚
β”‚  - Execution Timeline    β”‚
β”‚  - Risk Scoring Display  β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Agent Pipeline Flow

  1. OSINT Pre-Analysis (Hybrid Intelligence Mode): Messages are instantly matched against known Kenyan scam topologies to provide a deterministic baseline.
  2. Language Agent: Detects the dialect (English, Swahili, Sheng) and standardizes the context for subsequent analysis.
  3. Threat Agent: Analyzes the intent of the message based on localized threat vectors.
  4. Risk Agent: Computes a continuous risk score (0-100) and categorizes severity.
  5. Action Agent: Determines the recommended user action (e.g., Block, Report to Safaricom, Ignore).

Features

  • Kenyan Fraud Detection: Specialized in detecting hyper-local scams (e.g., M-Pesa, Fuliza, KRA, Hustler Fund).
  • Sheng + Swahili Language Detection: Seamlessly processes colloquialisms and mixed-language SMS typical in East Africa.
  • OSINT-Driven Classification: Fuses known deterministic scam indicators with probabilistic AI reasoning.
  • Explainable AI Logs (execution_log): Glass-box observability that documents the exact reasoning step-by-step for full transparency.
  • Streamlit Live Dashboard: Interactive real-time web UI for threat analysis and execution timeline visualization.
  • AMD Hardware Optimized: Built to run on the AMD Developer Cloud utilizing vLLM and Qwen models, with a robust fallback mock mode for deterministic demos.

Quick Start

pip install -r requirements.txt
streamlit run app/main.py

How to Run

1. Install Dependencies

pip install -r requirements.txt

2. Configure Environment

# Copy the example environment file and add your AMD Cloud API key (optional β€” mock mode works without it)
cp .env.example .env

3. Launch the Streamlit Dashboard (Primary Interface)

streamlit run app/main.py

The dashboard runs at http://localhost:8501 and provides a full interactive UI for submitting messages, viewing risk scores, agent reasoning, and the step-by-step execution timeline.

4. Run Pipeline Smoke Tests (CLI)

python scripts/test_pipeline.py

Future Work

  • AMD MI300X Deployment: Fully scale the vLLM integration on AMD MI300X infrastructure for enterprise-grade throughput.
  • WhatsApp Bot Integration: Directly parse user-forwarded messages for instant fraud scoring.