NXA Outreach Extension, Security-First LinkedIn AI Chrome Extension

TL;DR

A security-first Chrome Extension (MV3) that lives on linkedin.com/in/* profile pages. Reads the profile silently (20 fields), scores it against your ICP locally, researches the company via Perplexity Sonar Pro, drafts 3 personalised messages via Claude Haiku 4.5, and renders them in a closed Shadow DOM panel invisible to LinkedIn’s DOM scanners. Backed by an 8-layer safety architecture and a 13-state deterministic machine.

The Problem

Existing LinkedIn automation tools fall into two failure modes:

1. Spammy form-fillers. No real personalisation. Generic templates that fail at the first reply.
2. Account-restriction risks. No daily ceilings, no warm-up schedules, no cooldown floors, no acceptance-rate monitoring. Accounts get restricted in weeks.

What was needed: AI-personalised outreach that respects LinkedIn’s safe usage limits absolutely, never touches cookies or internal APIs, and gets nothing about the prospect wrong.

Outcome

The extension passes due-diligence on every recurring objection an experienced LinkedIn operator raises:

• Never reads document.cookie, never intercepts LinkedIn XHR / fetch, never calls LinkedIn internal APIs.
• Closed Shadow DOM panel invisible to LinkedIn’s DOM scanners. Clean separation from the host page.
• Hard daily and weekly ceilings (40 / 200) baked into constants, not user-settable. Per-action cooldowns persisted via chrome.alarms (survives service worker restarts).
• Acceptance-rate monitor. Warns below 40%, auto-pauses below 25%. Stops you from poisoning your own funnel.
• 7-day warm-up schedule for new accounts (10 to 15 to 20 per day ramp). Cannot be turned off in the first week.
• Session-hours gate. Only acts during configured business hours (default 8 AM to 7 PM).
• Human-simulation click sequence for sends. Natural typing speed, randomised dwell times.

Tech Stack

Component	Technology	Purpose
Extension runtime	Chrome Extension MV3	Manifest V3 with service worker
Language	TypeScript 5.7	End-to-end type safety in extension and worker
Backend API	Cloudflare Workers + Hono v4	Edge-deployed routes for research, draft, classify
Reasoning	Anthropic Claude Haiku 4.5	Message drafting, ICP classification
Research	Perplexity Sonar Pro	Real-time company intel with 15-day KV cache
Persistence	Cloudflare KV	API keys, company intel cache, lead buffer, knowledge assets
UI isolation	Closed Shadow DOM	Panel invisible to LinkedIn DOM scanners
CRM sync	Google Sheets via Apps Script v2	47-column Leads tab plus Accounts tab

Key Functionality

• Silent profile reader extracting 20 fields (name, headline, experience, skills, education, recent activity, premium status, open-to-work, mutual connections).
• Local ICP pre-scorer with weighted signals (titles, industries, geography, exclude-if terms, pain points). Confident matches skip the LLM classifier to save tokens.
• Real-time company research via Perplexity Sonar Pro (recent hiring, funding, news) with 15-day KV cache keyed by company domain.
• 3 personalised drafts per profile via Claude Haiku 4.5: connection note (≤280 chars), post-connection message (400 to 650 chars), follow-up message (300 to 450 chars).
• Settings SPA with 11 tabs: My Company, Knowledge Library (RAG), ICP Profiles, Message Styles (6 tone presets plus A/B), AI and Models, Sheets and CRM, Follow Ups, Limits and Safety, Performance, Diagnostics, Logs.
• 47-column CRM write to Google Sheets on every send, with Accounts tab keyed by company domain, plus local KV buffer for retry.
• A/B style framework for message tones, with rolling acceptance-rate tracking per style.
• Diagnostics ring buffer (500-entry rolling log) exportable as JSON for troubleshooting.

Live on a LinkedIn profile: ICP match + research signals, AI-drafted connection note ready to send, multi-tab settings SPA, weighted ICP profile configuration