Zeda

Inspiration

We built Zeda because misinformation and phishing are now mixed into everyday workflows: emails, social posts, and shared screenshots. During the hackathon, we wanted a tool that helps people pause before trusting content, especially when messages use urgency, fear, or fake authority.

What it does

Zeda has two modes:

• Verify: checks whether a claim is supported by evidence.
• Protect: detects scam/privacy risk patterns in text, URLs, and images.

Users can submit raw text, a URL, or a screenshot. Zeda extracts content, analyzes it, assigns a score, explains why, and returns a report with suspicious parts and source/evidence details when available.

In the extension, users can run the same flow directly on any page from a slide-in sidebar, including screenshot capture (full view or selected area) and paste-from-clipboard.

How we built it

We built a full-stack pipeline:

• Frontend web app: React + Vite UI with mode-based flow (Verify/Protect), upload/input handling, and results rendering.
• Backend API: Node.js + Express endpoints for /api/ingest, /api/verify, and /api/protect.
• Content ingestion:
  • OCR for image inputs.
  • URL scraping/normalization for web inputs.
  • Text normalization for raw inputs.
• Analysis layer:
  • Claim/risk analysis with LLM-backed prompts.
  • Heuristic scoring + structured output normalization.
• Browser extension (Manifest V3):
  • Background service worker for secure API calls.
  • Content script + Shadow DOM sidebar UI.
  • Page capture workflows and quick analysis actions.
• Performance UX:
  • Per-step timing in UI: [ T_{\text{total}} = T_{\text{extract}} + T_{\text{analyze}} + T_{\text{report}} ]
  • Users can see where latency is spent.

Challenges we ran into

• Large screenshot payloads causing 413 Payload Too Large.
• OCR reliability on complex/dark screenshots and noisy images.
• Timeout behavior and slow end-to-end analysis under hackathon constraints.
• Score calibration drift (legit content too risky, scams too low).
• Frontend result-shape mismatches causing rendering errors.
• MV3 extension permissions and capture constraints (activeTab, host permissions).
• Syncing branch changes quickly while avoiding merge conflicts.

Accomplishments that we're proud of

• Delivered a working multimodal trust-checking product in hackathon time.
• Shipped both a web app and a browser extension with consistent behavior.
• Built a practical Verify/Protect workflow with interpretable scoring and reasons.
• Added screenshot and clipboard-driven analysis for real browsing contexts.
• Improved transparency with step-level timing in analysis progress.
• Stabilized UX and scoring after iterative debugging and calibration.

What we learned

• Reliability comes from fallbacks + normalization, not just model quality.
• Scoring systems must be calibrated with adversarial and benign examples.
• MV3 extension architecture requires careful separation of UI and privileged logic.
• Real user trust improves when the system explains both score and evidence path.
• Tight team coordination and disciplined branch hygiene are critical under time pressure.

What's next for Zeda

• Stronger grounding and citation quality for Verify results.
• Better phishing/domain intelligence and richer Protect signals.
• Faster inference path with caching and smarter parallelization.
• Improved OCR pipeline for difficult screenshots.
• Persistent report history and collaboration/sharing features.
• Publish-ready extension hardening and store deployment.
• Continuous evaluation suite to track false positives/false negatives over time.

Built With

• apis
• app
• chrome
• chrome-extension-(manifest-v3)
• content-script
• css
• eslint
• express.js
• extension
• git
• github
• google-gemini-api-(analysis/reporting)
• html
• javascript
• node.js
• npm
• openai-vision/ocr-api-(image-text-extraction)
• pipeline
• radix-ui
• react
• react-router
• scraping
• service-worker
• shadcn/ui
• shadow-dom
• tailwind-css
• tanstack-query
• typescript
• url
• vite
• vitest
• web