Features

6 layers of protection.
Every email. Every time.

GuardScope runs all six layers in parallel — you get a complete intelligence report in under 8 seconds.

Get Early Access — Free
Layer 01

Mercury-2 AI Deep Scan

A reasoning AI writes a full chain-of-thought before reaching its verdict. It detects urgency manipulation, impersonation, social engineering, and psychological pressure tactics. Temperature locked to 0 for 100% deterministic results.

Chain-of-thought reasoning per email
Detects 9 threat modules including BEC
Temperature=0 — zero hallucination risk
6,000 character body analysis window
Layer 02

DNS Authentication (SPF / DKIM / DMARC)

All three email authentication protocols verified against Cloudflare DNS over HTTPS. A 20-selector DKIM probe catches misconfigured selectors that basic tools miss. Results framed with full semantic accuracy.

SPF alignment — is the sender authorised?
20-selector DKIM probe via Cloudflare DoH
DMARC policy enforcement check
MX record validation
Layer 03

Link Safety Scan — 5 Sources in Parallel

Every URL in the email is extracted — including plain-text URLs not in anchor tags — and checked against five threat intelligence databases simultaneously. Results arrive in seconds, not minutes.

VirusTotal v3 — 90+ antivirus engines
Google Safe Browsing v4 — real-time
PhishTank — confirmed phishing database
URLhaus — live malware URL feed
SpamHaus DBL — sender domain blocklist
Layer 04

Domain Age & Registrar Intel

Attackers register lookalike domains days or hours before a campaign. RDAP protocol lookup reveals registration date, registrar, and risk classification — catching brand-new threat infrastructure that reputation databases haven't catalogued yet.

RDAP protocol — no API key needed
Domain age in days/hours
Registrar risk classification
Instant flag for domains < 30 days old
Layer 05

BEC & Authority Impersonation Detection

200+ brand list and 45 executive authority patterns catch Business Email Compromise — CFO wire transfer requests, fake lawyer threats, government impersonation, and C-suite fraud. Combined with freeProvider detection to catch Gmail-based BEC.

200+ brand impersonation patterns
45 BEC authority roles (executive/legal/govt)
Display name spoofing detection
Free email provider + authority = instant escalation
Layer 06

Nigeria & Africa Threat Context

The engine is specifically calibrated for the African threat landscape — EFCC/CBN fraud patterns, BVN phishing, advance-fee 419 scams, and Nigerian fintech impersonation attacks. Plus NDPR 2023 and GDPR compliance built in.

EFCC/CBN impersonation patterns
BVN phishing detection
Advance-fee (419) content classifier
Côte d'Ivoire / Senegal threat patterns
FR + EN bilingual analysis
Security Architecture

Built secure from the ground up

Six layers of security architecture protecting both your data and the platform itself.

Zero Email Storage

Email body, headers, and URLs are never persisted. analysis_history stores only the sender domain — never content.

Zero Secrets in Extension

All API calls go through the backend. The Chrome extension contains no API keys, tokens, or secrets of any kind.

Rate Limiting

Upstash Redis rate limiting: 10/min + 50/hr for authenticated users. 5/min + 5/day for anonymous users. Hard quotas enforced server-side.

Prompt Injection Defense

9 regex patterns strip prompt injection attempts before any text reaches Mercury-2. XML tag wrapping adds another layer of separation.

JWT Auth on All Endpoints

Every authenticated endpoint validates JWT server-side. The promo validate endpoint additionally checks that JWT email matches request email.

Supabase RLS

Row-Level Security on all Supabase tables. Users can only read their own data. Tier escalation and quota manipulation vectors removed in migration 004.

Ready to guard your inbox?

Start free — 5 analyses per day, no credit card needed.

Get Early Access