v1.4.0 — The Shield Wall Update
NEW: 5 Advanced Shields added on top of the 5 Core Engines
• QR Phishing Scanner — detects malicious QR codes on web pages
• Dark Pattern Detector — flags deceptive UI tricks
• AI Chat Privacy Firewall — blocks prompt exfiltration in AI chatbots
• Prompt Poaching Shield — prevents invisible prompt theft from copied text
• Extension Supply Chain Detector — alerts on suspicious browser extensions

PRIVACY & SECURITY
• URL hash k-anonymity (Safe Browsing v4 prefix pattern)
• Tamper-resistant state logging with uninstall feedback flow
• Enhanced social media security scanner with geolocation checks

DETECTION
• Social engineering patterns expanded (QR-quishing, tech support scams)
• MAIN-world bridge for detecting fetch/sendBeacon/XHR exfiltration
• Domain age enrichment via RDAP (flags domains < 7 days old)
• Cross-script correlation: +15-25% confidence boost on multi-detector flags

• Social Media Safety Score — Automatically verify your Facebook, Instagram,
X, LinkedIn, and TikTok security settings (2FA, privacy, DMs, location)
when you visit their settings pages. No manual self-assessment needed.

• Zero-Day Phishing Detection — New heuristics catch minimal credential
harvesters, fake MFA pages, subdomain bait, QR-code quishing, and
late-injected SPA forms that bypass traditional blocklists.

• Behavioral Exfiltration Monitor — Detects fetch, sendBeacon, XMLHttpRequest,
and rapid pushState abuse used by modern phishing kits.

• Privacy Mode Enforcement — STRICT mode now redacts threat payloads and
URL hashes. FORTRESS mode suppresses all telemetry and heartbeats.

• Held-Out Detection Benchmark — 88.9% STANDARD / 100% AGGRESSIVE
catch rate on unseen threats with 0% false positives on benign flows.

Improvements:
• Reduced permission surface — 'management' is now an optional permission
• LRU cache eviction prevents memory growth on long sessions