move.tech

Developer
Documentation

Complete technical documentation for integrating and deploying move.tech's AI-powered email security solution.

Quick Navigation

Requirements

System requirements and GPU specifications

Installation

Step-by-step installation guide

Configuration

API keys and model configuration

Privacy & Security

Data handling and security practices

System Requirements

Hardware and software requirements for different deployment modes.

Common Requirements

  • Node.js (v18 or higher)
  • Chrome Browser (v88 or higher)
  • ImageMagick (for icon generation)

OpenAI API Mode (Default)

  • OpenAI API key
  • Internet connection

Local LLM Mode

  • NVIDIA GPU with 6GB+ VRAM
  • Chrome with WebGPU enabled
  • CUDA support (recommended)

GPU Specifications for Local LLM Mode

Model compatibility and performance varies by GPU capabilities.

Entry GPUs (6GB VRAM)

Limited to heavily quantized models

Performance: Basic protection

Supported Models:

SmolLM2-360M-Instruct-q4f16_1-MLC

Mid-range GPUs (8GB VRAM)

Can run most quantized models

Performance: Good balance of speed and accuracy

Supported Models:

Llama-3.2-3B-Instruct-q4f16_1-MLC

High-end GPUs (12GB+ VRAM)

Can run larger, more accurate models

Performance: Best accuracy and performance

Supported Models:

Custom SOTA models (coming soon)

Coming Soon: Specialized SOTA Model

We're training a specialized state-of-the-art model specifically for email security analysis that will:

  • • Be optimized for phishing detection using real-world data
  • • Require less VRAM through advanced quantization
  • • Provide better instruction following for security analysis
  • • Support more GPUs through various quantization options

Installation Guide

Step-by-step instructions to get move.tech running in your environment.

Quick Start

1. Clone the repository:

git clone https://github.com/yourusername/capybara.git
cd capybara

2. Install dependencies:

npm install

3. Set up configuration:

cp config.template.js config.js
# Edit config.js with your settings

4. Generate extension icons:

./create_icons.sh

5. Build the extension:

npm run build

6. Load in Chrome:

  • • Open Chrome and navigate to chrome://extensions
  • • Enable "Developer mode"
  • • Click "Load unpacked" and select the dist directory

Important Notes

  • • This extension requires a production build to run (npm run build)
  • • Development mode is not supported due to Chrome's Content Security Policy
  • • After configuration changes, rebuild and refresh the extension
  • • Never commit your config.js file or share API keys

Configuration

Configure API keys, models, and deployment options.

Configuration Options

OptionTypeDefaultDescription
providerstring'openai'Either 'openai' (default) or 'webllm'
OPENAI_API_KEYstringundefinedYour OpenAI API key (required for OpenAI mode)
modelstring'gpt-4-turbo-preview'Primary model to use (OpenAI: 'gpt-4-turbo-preview', 'gpt-3.5-turbo-1106'; WebLLM: varies by GPU)
backupModelstring'gpt-3.5-turbo-1106'Fallback model for OpenAI mode when rate limited

OpenAI API Mode (Recommended)

export const CONFIG = { OPENAI_API_KEY: 'your-api-key-here', provider: 'openai', model: 'gpt-4-turbo-preview', // Primary model to use (supports JSON mode) backupModel: 'gpt-3.5-turbo-1106' };

Local WebLLM Mode

export const CONFIG = { provider: 'webllm', model: 'SmolLM2-360M-Instruct-q4f16_1-MLC' };

CI/CD Configuration

For CI/CD pipelines, set these secrets in your GitHub repository:

  • OPENAI_API_KEY: Your OpenAI API key
  • CODECOV_TOKEN: Your Codecov token

Privacy & Security

How we handle your data and protect your privacy.

OpenAI API Mode

  • • Email content sent to OpenAI's API for analysis
  • • Includes: subject, body content, attachment names/types
  • • All API calls use encrypted HTTPS
  • • API key stored locally, never shared
  • • No data persistence or tracking

Local LLM Mode

  • • Uses WebLLM to run models locally on your GPU
  • • No data leaves your computer
  • • Performance depends on GPU capabilities
  • • Complete privacy and offline operation
  • • No external API calls required

Data Flow & Processing

Data Extraction

  • • Subject line
  • • Email body content
  • • Attachment names/types only

Analysis

  • • Phishing risk assessment
  • • Business communication patterns
  • • Attachment risk evaluation
  • • Context-aware false positive reduction

Results

  • • Risk levels and explanations
  • • UI display only
  • • No persistent storage
  • • Memory cleared on email close

Architecture

Modular architecture designed for extensibility and maintainability.

src/content/

Gmail integration and UI components

src/background/

Chrome extension background scripts

src/ml/

Machine learning model integration

src/utils/

Shared utilities and helpers

Development & Testing

Development Commands

npm run buildnpm testnpm run test:allnpm run coverage

Test Coverage

  • • Unit tests using Jest
  • • Integration tests for Chrome API
  • • End-to-end tests for Gmail integration
  • • 95% statements, 90% branches coverage

Ready to Get Started?

Contact our team to get access to the move.tech browser extension and start protecting your email communications.