All products
Defensive Intelligence for the Last MileWeb · Cloudflare-hosted

Stop Phishing at the Edge Before the First Click.

Protect your support teams with real-time, headless URL analysis and vision OCR. URL Sidekick unshortens, renders, and audits suspicious links within your Salesforce and Zoom workflows.

Deploy Secure TriageRead Technical Spec

URL Sidekick

Problem & Solution

Built for what actually goes wrong

Pain point

Support agents clicking zero-day phishing nodes or transient C2 links that bypass standard filters.

Value pillar

Edge-native headless scanning via Cloudflare Radar renders URLs in a sandbox to catch cloaked threats.

Pain point

Attackers using image-based lures or screenshots to hide malicious URLs from text-based scanners.

Value pillar

Workers AI LLaVA integration extracts and audits embedded links from screenshots via multi-modal OCR.

Deep technical features

What ships in the box

Headless Triage Engine

Powered by Hono and Cloudflare Workers for sub-10s p95 verdict latency. Automates deep unshortening (up to 10 hops) and multi-resolution rendering with Zero-PII sanitization.

Multi-Modal Vision OCR

Leverages Workers AI (LLaVA) to parse URLs directly from image attachments and screenshots, closing the "screenshot loophole" in customer support chat streams.

Omni-Channel Integration

Native Salesforce LWC and Zoom Contact Center Apps provide inline verdicts and real-time warnings directly within the agent's primary workspace console.

Security & Compliance

Built on enterprise-grade infrastructure

Zero-PII verdict pipeline running on Cloudflare Workers — no link content is ever indexed by public scanners. Render artifacts are stored in R2 under your tenancy with a 30-day default retention.

Zero-PII verdictsCloudflare Workers + RadarWorkers AI LLaVAR2 artifact retention
Network

Cloudflare global edge — innate DDoS protection, zero cold-starts.

Identity

Clerk (SOC 2 Type II, GDPR) for multi-tenant fleets; PBKDF2 for single-tenant apps.

Subprocessors

Cloudflare & Resend (SOC 2 Type II) · Stripe (PCI-DSS Level 1).

Product roadmap

From foundation to fleet scale

  1. Phase 1Shipped

    Foundation — Core Triage Engine

    • Hono-based REST API with D1 relational persistence.
    • Headless scan orchestration via Cloudflare Radar (Unlisted visibility).
    • Deterministic risk scoring and R2 artifact logging for HAR and screenshots.
  2. Phase 2In progress

    Vision & CRM Expansion — Integrations

    • Workers AI LLaVA deployment for image-to-URL extraction.
    • Salesforce LWC rollout with LMS chat monitoring and toolkit overwrites.
    • Zoom Contact Center App registration and Engagement context extraction.
  3. Phase 3Next

    Scale & Governance — Enterprise Evolution

    • Time-of-Click rewriting proxy for persistent link protection.
    • Clerk-backed multi-tenant organization support and metered billing.
    • Real-time Zoom voice transcript scanning via RTMS WebSocket integration.

Ready to bring URL Sidekick into your stack?

Talk to our team about deployment, custom SLAs, and integration with your existing identity and observability stack.

Request a consultation