Inspiration
Although algorithms are deterministic, people are often the weakest link in cybersecurity. After exploring K2 Think V2’s deep reasoning and long-context capabilities, we realized it was powerful enough to enable truly in-depth AI sandbox analysis. That insight led us to build a system where complex browser behavior could be understood and translated into clear, real-time safety signals.
What it does
PhishTank is a Chrome extension that uses an AI sandbox to analyze web pages before users interact with them. It scores links in real time and provides short explanations, helping users quickly understand whether a site is safe, suspicious, or dangerous. It also highlights the specific signals behind each warning, so users can make more informed decisions online.
How we built it
We built a Chrome extension with a backend pipeline that runs links through an AI sandbox using Playwright. Gemma 4 processes and structures the sandbox outputs, which are then piped into K2 Think V2 for deep reasoning, allowing us to generate accurate safety scores and concise, user-friendly explanations in real time. We also cache recent scan results to keep repeat checks fast and reduce unnecessary backend work. The extension surfaces the final verdict directly in the browser, giving users clear context before they click or submit sensitive information.
Challenges we ran into
gVisor only supports Linux, making cross-platform compatibility more difficult. We also faced challenges balancing deep analysis with fast, real-time responses, while handling dynamic sites with redirects and async behavior.
Accomplishments that we're proud of
We combined state-of-the-art reasoning (K2 Think V2) with flexible, multimodal processing (Gemma 4) to transform complex browser behavior into simple, actionable safety signals—bringing near–security analyst-level insight directly into the browsing experience. Each page is opened inside a hardened gVisor sandbox, isolating potentially malicious behavior from the host while still allowing the system to observe redirects, scripts, forms, and network activity safely.
What we learned
- Built an asynchronous pipeline for real-time link analysis.
- Learned how to combine browser automation, sandboxing, caching, and AI models.
- Used Gemma 4 and K2 Think V2 for structured analysis and deeper reasoning.
- Turned complex security signals into simple scores and clear explanations.
- Learned how to create a AI powered Chrome extension.
What's next for PhishTank
We plan to improve model accuracy, expand threat detection, and optimize performance. We also want to enhance explanations, add user feedback loops, and support more browsers beyond Chrome. To scale Phishtank, we could introduce a subscription plan with premium features such as higher scan limits, team dashboards, advanced reporting, and priority threat analysis.
Log in or sign up for Devpost to join the conversation.