Add ShieldAI browser extension with phishing & spam detection (FRE-4576)

- Extension package: Manifest V3, background service worker, content scripts
- Phishing detection engine with heuristic analysis (typosquatting, entropy, TLD, brand impersonation)
- Local URL caching layer (Storage API) for <100ms cached lookups
- Popup UI with protection status, stats, and phishing report button
- Options page for settings management (blocked/allowed domains, feature toggles)
- Server-side extension routes: URL check, phishing report, auth, stats, exposure check
- Tier-aware feature gating (Basic/Plus/Premium)
- 25 passing tests for phishing detection heuristics
- Declarative net request rules for known phishing patterns
- DarkWatch integration for credential exposure checks
- Firefox compatibility layer via build modes

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-05-09 21:53:29 -04:00
parent e5294ec712
commit de0ddac65d
27 changed files with 2591 additions and 1 deletions


@@ -0,0 +1,43 @@
import { describe, it, expect } from 'vitest';
import { phishingDetector } from '../src/lib/phishing-detector';
import { UrlVerdict, ThreatType } from '../src/types';
describe('PhishingDetector (cache test)', () => {
describe('analyzeUrl', () => {
it('should return SAFE for legitimate URLs', () => {
const result = phishingDetector.analyzeUrl('https://www.google.com/search?q=test');
expect(result.verdict).toBe(UrlVerdict.SAFE);
});
it('should detect suspicious TLD', () => {
const result = phishingDetector.analyzeUrl('https://free-prize.tk/claim');
expect(result.threats.some((t) => t.type === ThreatType.DOMAIN_AGE)).toBe(true);
});
it('should detect typosquatting', () => {
const result = phishingDetector.analyzeUrl('https://goggle.com/login');
expect(result.threats.some((t) => t.type === ThreatType.TYPOSQUAT)).toBe(true);
});
it('should detect IP address hostname', () => {
const result = phishingDetector.analyzeUrl('http://192.168.1.100/admin');
expect(result.threats.some((t) => t.type === ThreatType.PHISHING_HEURISTIC)).toBe(true);
});
it('should detect phishing pattern in hostname', () => {
const result = phishingDetector.analyzeUrl('https://login-secure-portal.xyz/account');
expect(result.threats.some((t) => t.type === ThreatType.PHISHING_HEURISTIC)).toBe(true);
});
it('should detect HTTP protocol', () => {
const result = phishingDetector.analyzeUrl('http://example.com/login');
expect(result.threats.some((t) => t.type === ThreatType.MIXED_CONTENT)).toBe(true);
});
it('should return UNKNOWN for malformed URLs', () => {
const result = phishingDetector.analyzeUrl('not-a-real-url');
expect(result.verdict).toBe(UrlVerdict.UNKNOWN);
});
});
});
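Review bot: The detection cases (suspicious TLD, typosquatting, IP hostname, phishing pattern, HTTP) assert only that a threat of a given type is present and never check `result.verdict`, so a scoring regression that still returns SAFE for a flagged URL would pass this suite. Where a non-safe verdict is the intended outcome, add `expect(result.verdict).not.toBe(UrlVerdict.SAFE);` to those cases, and state the expected verdict explicitly for low-severity ones such as plain HTTP. The IP-hostname case uses the private address 192.168.1.100, which pins a warning on router and intranet admin pages; it is worth confirming that is intended and adding a public-address case beside it. The suite is titled "(cache test)" but exercises no cache behaviour, and the expected types look mislabelled (a TLD heuristic reported as `ThreatType.DOMAIN_AGE`, plain HTTP as `ThreatType.MIXED_CONTENT`), though the detector itself is not visible here.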