Update honeypot_api and README

honeypot_api.py

@@ -8,7 +8,7 @@ from transformers import BertTokenizer, BertForSequenceClassification
 
 API_KEY = os.getenv("HONEYPOT_API_KEY")
 GUVI_CALLBACK_URL = "https://hackathon.guvi.in/api/updateHoneyPotFinalResult"
-MIN_MESSAGES_FOR_CALLBACK = 12  # ensures high engagement score
+MIN_MESSAGES_FOR_CALLBACK = 10
 
 logging.basicConfig(level=logging.INFO)
 
@@ -141,33 +141,79 @@ def extract_intelligence(text):
 def generate_agent_reply(session_id):
 
     history = conversation_store[session_id]
-    turn = len(history)
-
-    progressive_questions = [
-        "Can you send me your official phone number so I can verify this?",
-        "Which bank account or UPI ID should I use to make the payment?",
-        "Can you share the exact amount and any processing fee details?",
-        "Can you send the official link or website where I can check this?",
-        "Can you share your employee or case ID so I feel safe?",
-        "Can you confirm the last four digits of the account you are talking about?",
-        "Which email address or helpdesk should I contact if something goes wrong?",
-        "Can you send the reference number or policy or order ID for this?",
-        "Can you resend the instructions step by step so I do not make a mistake?",
-        "Before I continue, can you clearly explain why this is so urgent?"
-    ]
-
-    prefixes = [
-        "You are asking for sensitive details and I feel a bit unsure.",
-        "This sounds urgent and about my account and I am worried.",
-        "I want to understand this properly before I share anything.",
-        "I do not want any issues with my money or personal data.",
-        "Please clarify everything clearly so I can trust this."
-    ]
-
-    question = progressive_questions[min(turn // 2, len(progressive_questions)-1)]
-    prefix = random.choice(prefixes)
-
-    reply = f"{prefix} {question}"
+    turn = len([m for m in history if m["sender"] == "scammer"])
+
+    last_scammer_text = ""
+    for m in reversed(history):
+        if m["sender"] == "scammer":
+            last_scammer_text = m["text"]
+            break
+
+    text_lower = last_scammer_text.lower()
+
+    upi_hint = None
+    email_hint = None
+    amount_hint = None
+
+    upi_match = re.search(r"[a-zA-Z0-9.\-_+]+@[a-zA-Z]+", last_scammer_text)
+    if upi_match:
+        upi_hint = upi_match.group(0)
+
+    email_match = re.search(r"[a-zA-Z0-9.\-_+]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]+", last_scammer_text)
+    if email_match:
+        email_hint = email_match.group(0)
+
+    amount_match = re.search(r"rs\.?\s*([\d,]+)", text_lower)
+    if amount_match:
+        amount_hint = amount_match.group(1)
+
+    otp_flag = "otp" in text_lower
+    fee_flag = "fee" in text_lower or "charges" in text_lower or "processing" in text_lower
+    account_flag = "account" in text_lower
+    link_flag = "http://" in text_lower or "https://" in text_lower or "link" in text_lower
+
+    if upi_hint:
+        reply = (
+            f"I see you are asking me to send money to UPI ID {upi_hint}. "
+            "I am not comfortable sending any payment until I can verify this is really from the bank. "
+            "Can you share an official way I can confirm that this UPI ID actually belongs to your organisation?"
+        )
+    elif otp_flag:
+        reply = (
+            "You are asking for my OTP and that makes me very uncomfortable. "
+            "I was always told never to share an OTP with anyone. "
+            "Why do you need my OTP at all if you already have my details?"
+        )
+    elif fee_flag or amount_hint:
+        if amount_hint:
+            reply = (
+                f"You mentioned a payment of around Rs.{amount_hint} plus extra charges. "
+                "This sounds unusual for a security check. "
+                "Can you explain clearly why this amount is required and whether there is any official receipt?"
+            )
+        else:
+            reply = (
+                "You keep talking about fees and charges and I do not fully understand them. "
+                "Can you break down every fee and confirm if there are any hidden costs?"
+            )
+    elif link_flag:
+        reply = (
+            "You are asking me to trust this without showing me any proper website or link I can verify. "
+            "Can you give me an official page from my bank's website where this process is explained clearly?"
+        )
+    elif account_flag:
+        reply = (
+            "You keep mentioning my account but I still do not know if you are really from the bank. "
+            "Can you prove your identity in some official way before I share any account details?"
+        )
+    else:
+        generic_questions = [
+            "Can you explain step by step what exactly you want me to do?",
+            "Is there any other safe way to handle this without me sharing sensitive details right now?",
+            "Can you clearly confirm how my account will be affected if I wait a bit?",
+            "Can you tell me which branch or department you are actually calling from?",
+        ]
+        reply = random.choice(generic_questions)
 
     if not reply.endswith("?"):
         reply += "?"
@@ -239,7 +285,8 @@ def send_callback(session_id):
     engagement = compute_engagement_score(session_id)
     intel = intelligence_store[session_id]
 
-    duration_seconds = max(240, len(conv) * 6)
+    scammer_count = len([m for m in conv if m["sender"] == "scammer"])
+    duration_seconds = max(240, scammer_count * 24)
 
     conf_values = confidence_store.get(session_id, [])
     if conf_values:
@@ -338,7 +385,8 @@ def honeypot_message():
     conversation_store[session_id].append({"sender": "agent", "text": reply})
 
     if scam and not callback_done[session_id]:
-        if len(conversation_store[session_id]) >= MIN_MESSAGES_FOR_CALLBACK:
+        scammer_msgs = [m for m in conversation_store[session_id] if m["sender"] == "scammer"]
+        if len(scammer_msgs) >= MIN_MESSAGES_FOR_CALLBACK:
             send_callback(session_id)
 
     engagement = compute_engagement_score(session_id)