🧩 Challenges I Ran Into
While building Web Watch Phish, I faced several challenges that tested both technical skills and problem-solving mindset:

1. 🧠 Accurately Identifying Phishing URLs
   Phishing websites often use slightly modified domains or obfuscated URLs to bypass detection. Early on, many legitimate sites were being flagged as suspicious, and some real threats were slipping through.

Solution: I refined the detection logic by integrating machine learning-based classifiers and relying on known phishing databases like PhishTank and OpenPhish. I also added a confidence threshold to reduce false positives.

2. ⚙️ Integrating with Lovable AI's Workflow
   Since Lovable is optimized for rapid app deployment, connecting external APIs (like threat detection services) wasn’t as straightforward as using plain JavaScript or Node.js.

Solution: I created custom API endpoints and used webhooks with Lovable’s action blocks to communicate between the detection engine and the user interface. With some trial and error, I achieved real-time scanning without compromising UX.

3. 🧪 Testing Edge Cases
   Some phishing URLs are short-lived or geo-targeted, making it hard to test consistently. The scanner also had to account for redirect chains and link cloaking.

Solution: I built a sandbox environment to simulate real phishing conditions and manually collected a list of test URLs for edge-case handling.

💡 What I Learned
How to integrate ML tools with no-code/low-code platforms

The importance of balancing accuracy with user experience

That security tools must evolve quickly—just like the threats they defend against