PhishShield AI Agent — Advanced Cyber Layer

Udyam & Startup India recognized AI agent that detects phishing attempts in real-time and interactively explains flaws to users using Google Cloud Gemini API.

Comment

Inspiration

Our main inspiration came from seeing innocent people everyday falling victim to fake websites and identity theft. As a young team, we realized that traditional antivirus systems only block known bad links, but they fail to catch zero-day phishing attacks. Having achieved the Top-14 Finalist rank at the Startup India AI Grand Challenge 2025, we wanted to push our model to the next level. We wanted to build something that not only detects the threat but also acts as an interactive mentor to guide users in real-time.

What it does

PhishShield AI Agent is an advanced cyber security layer. It takes incoming URLs, text data, or suspicious email headers and runs them through a dynamic analysis pipeline. Instead of a simple "Safe/Unsafe" notification, our AI Agent interacts with the user, breaking down the technical red flags—such as domain age, lookalike characters (typosquatting), and hidden malicious scripts—explaining why a site is a threat in simple words.

How we built it

We integrated our core phishing detection algorithms with the power of Google Cloud Vertex AI and Gemini APIs to handle the natural language understanding and contextual explanation. The backend utilizes Python for automated web scraping and metadata evaluation, while the frontend gives a clean, interactive agent dashboard where users can submit and investigate suspicious threats.

Challenges we faced

One of the biggest hurdles was minimizing false positives—making sure that safe enterprise websites don't get flagged erroneously. We solved this by creating a multi-layered verification system that checks SSL certificate chains against a trusted whitelist before passing data to the Gemini LLM model for contextual checking.

What we learned

Through this Google Cloud Rapid Agent Hackathon, we mastered building robust, scalable cloud agents. We learned how to efficiently prompt-engineer large language models for complex security assessments and how to chain Google Cloud services together to handle live, high-speed network traffic securely.

What's next for PhishShield AI Agent

We plan to scale our infrastructure using Google Cloud Kubernetes, deploy a free Chrome Extension for the developer community, and expand our automated threat intelligence network to make the web a safer place for everyone, globally.

Built With

  • agentscybersecuritymachine
  • aigemini
  • apiai
  • cloud
  • pythongoogle
  • vertex
Share this project:

Updates