How It Works
Layer 7 provides users with an immediate 0–10 risk score alongside a human-readable verdict (e.g., "Verified Safe", "Be Careful", "Scam Alert"). It operates on three distinct scanning layers to ensure accuracy and adapt to emerging threats in the Philippine digital space:
Google API Sync
Cross-references inputs against the Google Safe Browsing database for known malicious domains.
Heuristic Engine
Analyzes syntax for common local smishing/phishing patterns (e.g., specific bank impersonations).
Community Score
Aggregates anonymous user feedback to dynamically boost risk scores on unreported, zero-day scams.
System Architecture
The project is strictly decoupled. The frontend is an optimized Vite/React application featuring the scanner UI and an open metrics dashboard. The backend is powered by Python via FastAPI, utilizing Supabase for persistent data and telemetry.
Vite + React
- → Multi-modal UI
- → Result Visualization
- → Metrics Dashboard
FastAPI
API & Data Flow
-
1
Core Verification (
/api/verify):Handles the primary ingestion of content. Includes in-memory rate limiting and basic content filtering to prevent abuse. It queries external security feeds and calculates the final 0-10 risk assessment.
-
2
Telemetry & Crowdsourcing (
/api/feedback):Allows users to report results directly from the React UI as "safe", "suspicious", or "phishing". This mutates the internal
community_scoreweight without exposing PII. -
3
Public Dashboard (
/api/metrics/summary):Exposes non-sensitive telemetry—scans per day, risk distribution, Google Safe Browsing hit rates, and total feedback counts—powering the frontend data visualization layer.