Skip to main content

Contextual Ambiguity & Trust Scoring — trust intelligence for OSINT sources

Project description

CATS — Contextual Ambiguity & Trust Scoring

Trust intelligence for OSINT sources — not fact-checking, but source reliability over time.

CI Coverage Python 3.11+ License: MIT GDPR EU AI Act


What is CATS?

❌ Fact-checking ✅ CATS
"Is this information true?" "How reliable is this source, in this context, right now?"

CATS analyses the behavioural patterns of a source over time — narrative consistency, sentiment volatility, temporal gaps, and signs of algorithmic manipulation — and returns a transparent, explainable trust score.


Signals

Signal What it measures Method
Coherence Entity/argument consistency across messages spaCy NER + Jaccard (or optional Sentence-BERT) similarity
Volatility Abrupt narrative tone changes TextBlob (or optional BERT) sentiment spike detection
Silence Anomalous temporal gaps in publishing Gap analysis vs. source-type thresholds
Gaming Signs of algorithmic manipulation Repetition + TTR + burst + vocab diversity

Try it in 5 lines (no infrastructure)

No database, no Redis, no API keys — the signal pipeline as a plain library call:

from cats.lite import score

result = score([
    {"timestamp": "2026-01-01T08:00:00Z", "text": "Il governo annuncia un piano economico."},
    {"timestamp": "2026-01-01T12:00:00Z", "text": "I sindacati commentano il piano."},
    {"timestamp": "2026-01-02T09:00:00Z", "text": "Il parlamento discute la legge di bilancio."},
], source_type="news")

print(result["trust_score"], result["band"], result["explanation"]["primary_driver"])

Install from PyPI: pip install cats-scoring (add cats-scoring[sbert] for the multilingual coherence backend, and python -m spacy download it_core_news_lg for full-fidelity NER coherence — without it the signal degrades to a neutral value). The full API below adds persistence, auditing and GDPR endpoints.

Or try it in the browser: Open In Colab


Quick Start (full deployment)

# 1. Clone and configure
git clone https://github.com/Leapfrog-LSA/CATS-Contextual-Ambiguity-Trust-Scoring.git && cd CATS-Contextual-Ambiguity-Trust-Scoring
cp .env.example .env          # fill in secrets (see .env.example)

# 2. Install
make dev-install              # deps + pre-commit hooks
make nlp-download             # spaCy it_core_news_lg + TextBlob corpora

# 3. Start services and run
make docker-up                # PostgreSQL 16 + Redis 7
make db-migrate               # Alembic migrations
uvicorn cats.api.main:app --reload

# 4. Test
make test

Generate a secure AUDIT_ENCRYPTION_KEY: make generate-key


API Example

curl -s -X POST http://localhost:8000/v1/cats/evaluate \
  -H "Authorization: Bearer $CATS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "source_id": "twitter:example_handle",
    "messages": [
      {"timestamp": "2026-01-01T08:00:00Z", "text": "Governo annuncia piano economico."},
      {"timestamp": "2026-01-01T09:00:00Z", "text": "Protesta dei lavoratori in piazza."},
      {"timestamp": "2026-01-01T10:00:00Z", "text": "Parlamento discute la legge di bilancio."}
    ],
    "context": {"source_type": "social"}
  }' | jq
{
  "trace_id": "550e8400-e29b-41d4-a716-446655440000",
  "score": 68.4,
  "band": "medium_high",
  "requires_review": false,
  "signals": [
    {"name": "coherence",  "value": 71.2, "confidence": 0.3},
    {"name": "volatility", "value": 55.0, "confidence": 0.15},
    {"name": "silence",    "value": 0.0,  "confidence": 0.1},
    {"name": "gaming",     "value": 12.8, "confidence": 0.06}
  ]
}

Trust Score Bands

Score Band Recommended Action
80–100 high Usable for OSINT
60–79 medium_high Cross-validate key claims
40–59 medium Human review recommended
20–39 low Human review required
0–19 very_low Do not use without validation

⚠️ Scores are ordinal rankings, not absolute probabilities (WP 4.3).


Architecture

CATS — 9-phase OSINT evaluation pipeline

Client (HTTPS + Bearer token)
        │
   nginx (rate 30 req/min · TLS 1.3 ready)
        │
   FastAPI — 9-phase pipeline
   ├─ POST /v1/cats/evaluate
   ├─ POST /v1/cats/batch                ← evaluate up to 50 sources at once
   ├─ GET  /v1/cats/explain/{trace_id}   ← GDPR Art.14/22
   ├─ POST /v1/cats/contest/{trace_id}   ← GDPR Art.22
   ├─ POST /v1/cats/contest/{id}/resolve ← GDPR Art.22 (human decision)
   ├─ POST /v1/cats/review/{trace_id}    ← flag for human review
   ├─ GET  /v1/cats/stats
   └─ GET  /health  /metrics
        │                │
     Redis 7          PostgreSQL 16
  (rate limiting)   (AES-256 audit log)
                    + APScheduler purge

The nginx reverse proxy (rate limiting, security headers) is configured in deploy/nginx.conf and started by make docker-up. It listens on HTTP by default; a commented TLS 1.3 server block (with cert instructions) is provided in the same file — enable it before any non-local deployment.

See docs/architecture.md for full signal and security details.


Documentation

Document Description
docs/api.md Full API reference
docs/architecture.md Signal algorithms, weight matrix, security design
docs/compliance.md GDPR + EU AI Act compliance
docs/eu_ai_act/ EU AI Act conformity scaffold (Annex IV, Art. 9/10)
docs/calibration.md Empirical weight calibration (genetic search)
docs/calibration_findings_2026-07-28.md Future-snapshot validation (concordance 0.755)
docs/signal_research_2026-07.md Domain-provenance signal investigation (v2.0)
CHANGELOG.md Version history
CONTRIBUTING.md Development guide
SECURITY.md Vulnerability reporting

Known Limitations (WP 4.1)

  • NLP accuracy ~55–62% (default): spaCy NER + TextBlob; optional BERT sentiment and Sentence-BERT coherence backends are available for higher accuracy (see .env.example)
  • Partially calibrated parameters: signal weights are empirically calibrated with cats.calibration and validated on a future snapshot (data/calibrated_weights.json), but band thresholds and silence thresholds remain unvalidated initial estimates
  • Small validation set (July 2026): calibration rests on 56 RSS-labelled sources, validation on a 53-source future snapshot; see the 28 Jul findings for the honest numbers (holdout concordance 0.755, Spearman +0.553) and their caveats
  • Single dominant signal: discrimination currently rests almost entirely on silence (holdout ρ −0.43; coherence/volatility/gaming carry ~no rank information) — an adversary publishing on a regular cadence would collapse scores toward chance; see signal research for the v2.0 hardening work
  • Italian-optimised: using it_core_news_lg; other languages degrade accuracy
  • Ordinal scoring only: not suitable as sole basis for autonomous decisions

Roadmap

Done

Version Status Key features
v1.0 spaCy NER · 9-phase pipeline · GDPR API · Docker
v1.1 BERT Italian sentiment · multi-tenant PostgreSQL · batch endpoint · Prometheus /metrics · nginx
v1.2 Sentence-BERT coherence · explainer attribution · weight calibration
v1.3 Signal-polarity fix in aggregation · distant-supervision dataset (MBFC + disinfo networks) · snapshot accumulation · cats.lite + PyPI packaging
v1.3.1 CATS_WEIGHTS_FILE/CATS_API_KEYS alias fix · contest-resolution endpoint (GDPR Art. 22) · per-key rate limiting

Already merged for the next release (unreleased): calibrated weights validated on a future snapshot (28 Jul 2026, holdout concordance 0.755 > 0.70 target) and shipped as the recommended production table in data/calibrated_weights.json; domain-provenance signal spike (research/domain_provenance_spike.py) showing +0.02 holdout concordance.

Pending — v2.0 (2027)

  1. Signal hardening — discriminative power currently rests on silence alone; the fifth domain-provenance signal is a v2.0 candidate pending calibration and re-validation (see docs/signal_research_2026-07.md).
  2. Content-credibility signal — catch fake news published on ordinary domains, which domain structure alone cannot detect.
  3. AUC-ROC ≥ 0.78 on a larger validation set.
  4. Full EU AI Act technical documentation (Annex IV/IX).

License

MITtechnical@cats-system.org

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cats_scoring-1.4.0.tar.gz (54.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cats_scoring-1.4.0-py3-none-any.whl (66.1 kB view details)

Uploaded Python 3

File details

Details for the file cats_scoring-1.4.0.tar.gz.

File metadata

  • Download URL: cats_scoring-1.4.0.tar.gz
  • Upload date:
  • Size: 54.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for cats_scoring-1.4.0.tar.gz
Algorithm Hash digest
SHA256 6aace5669609cfb5d4aacec0c276eebb9466375e57dae1997330b18f86b0c75b
MD5 cca1942fdac03146625eee5806fe3b97
BLAKE2b-256 e8d99b2936d89e08c2430f45b19b7e20ef9975c53f64985cd650019a94d57573

See more details on using hashes here.

Provenance

The following attestation bundles were made for cats_scoring-1.4.0.tar.gz:

Publisher: release.yml on Leapfrog-LSA/CATS-Contextual-Ambiguity-Trust-Scoring

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file cats_scoring-1.4.0-py3-none-any.whl.

File metadata

  • Download URL: cats_scoring-1.4.0-py3-none-any.whl
  • Upload date:
  • Size: 66.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for cats_scoring-1.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0611020a36659fe3f4299599743c5dc608472a9a2de4de355cfe0e9fa5b7f611
MD5 5224f240b93381b4e4511aab3aa0bbd5
BLAKE2b-256 f857b0347521c23354b0cdb124ee8012fbfcff598e5ebede4418ce593b40dcc9

See more details on using hashes here.

Provenance

The following attestation bundles were made for cats_scoring-1.4.0-py3-none-any.whl:

Publisher: release.yml on Leapfrog-LSA/CATS-Contextual-Ambiguity-Trust-Scoring

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page