# SuperFunnels AI — Funnel Creation Walkthrough Report **Date:** February 6, 2026 **Researcher:** Automated walkthrough via Clawdbot **Account:** jake@burtonmethod.com (logged in as Jake Shore) **Account Email on File:** sftesta6577921@virgilian.com **Plan:** Free ($0, 3 credits, limited to 1 GHL account) **Tokens Balance:** 0 --- ## Executive Summary SuperFunnels AI is a HighLevel (GHL) funnel cloning/generation tool built on Laravel/Filament with Livewire components. **The Funnel Wizard is completely gated behind GoHighLevel account connection** — without valid GHL credentials, you cannot access any funnel creation functionality. The app requires both GHL API connection AND a login session (browser-based) to function. The funnel creation wizard (visible via tutorial video thumbnail) collects business information and uses AI to generate funnel copy, then deploys directly to GHL. --- ## Step-by-Step Walkthrough ### Step 1: Login (Already Authenticated) - **URL:** `https://app.superfunnelsai.com/app/login` - **Result:** Session was already active from previous exploration. Redirected to dashboard. - **Screenshot:** `step01-dashboard-ghl-connect.png` ### Step 2: Dashboard — GHL Connection Required - **URL:** `https://app.superfunnelsai.com/app` - **What's shown:** "Quick Setup" page with "Connect Your HighLevel Account" as the primary CTA - **Two connection methods offered:** 1. **Chrome Extension** (1-Click Connect) — installs `dollonnbdephinbelejjjjeidfcncfod` extension 2. **HighLevel Login Credentials** — opens a modal to enter GHL email/password - **Screenshot:** `step04-connect-ghl-full.png` - **Key observation:** The entire app is essentially non-functional without GHL connection ### Step 3: GHL Login Modal - **Triggered by:** "Use HighLevel Login Credentials →" button - **Modal fields:** - GoHighLevel Email (placeholder: you@agency.com) - Password (placeholder: ••••••••) - Checkbox: "Remember my session (encrypted)" (checked by default) - Red warning text: "Login to your HighLevel account to continue." - **API endpoint:** `POST /api/ghl-session/login` - **Screenshot:** `step02-ghl-login-modal.png` ### Step 4: GHL Login Attempt (Failed) - **Entered:** jake@burtonmethod.com / FMQ-gbd6qxb@zmb6mbt (SuperFunnels credentials, NOT GHL) - **Result:** "Invalid email or password" — correctly rejects non-GHL credentials - **Screenshot:** `step11-ghl-login-invalid.png` - **Key insight:** The system proxies login to GoHighLevel's auth system, NOT its own ### Step 5: Funnel Wizard Navigation (Blocked) - **URL attempted:** `https://app.superfunnelsai.com/app/funnel-cloner` - **Result:** Server-side redirect back to `https://app.superfunnelsai.com/app` (dashboard) - **Toast notification:** "HighLevel Connection Required — Before you can start creating magic, you need to authorize your HighLevel login session" - **Screenshot:** `step03-ghl-required-toast.png` ### Step 6: User Settings - **URL:** `https://app.superfunnelsai.com/app/user-settings` - **Accessible:** ✅ Yes - **Data shown:** - Name: Jake Shore - Email: sftesta6577921@virgilian.com - Password: (empty, "Leave empty to keep current") - **Screenshot:** `step05-user-settings.png` - **Finding:** The displayed email differs from login email — account uses auto-generated email ### Step 7: Subscription Management / Plans & Billing - **URL:** `https://app.superfunnelsai.com/app/subscription-management` - **Accessible:** ✅ Yes - **Plans visible (all one-time pricing, not subscriptions):** | Plan | Price | Credits | GHL Accounts | Key Features | |------|-------|---------|-------------|--------------| | **Free** (Current) | $0 | 3 | 1 | 3 pre-selected templates | | **Starter** | $297 (was $597) | 100 | 1 | 500+ template library, AI copywriting | | **Agency** (Most Popular) | $497 (was $997) | 1000 | 100 | Import any template, Super Editor license | | **Founder's Lifetime Deal** | $1,297 (was $2,997) | 1500 | Unlimited | White label, VIP support, 24 left | - **Screenshot:** `step06-subscription-plans.png` ### Step 8: Funnel Builds - **URL:** `https://app.superfunnelsai.com/app/funnel-builds` - **Accessible:** ✅ Yes - **Content:** "No builds yet." — empty state - **Screenshot:** `step07-funnel-builds-empty.png` ### Step 9: My Templates - **URL:** `https://app.superfunnelsai.com/app/ghl-templates` - **Accessible:** ✅ Yes - **Content:** "No Templates" — empty state with search/filter - **Screenshot:** `step08-templates-empty.png` ### Step 10: Import GHL Templates - **URL:** `https://app.superfunnelsai.com/app/ghl-templates/import` - **Accessible:** ✅ Yes (page loads) - **Content:** "Upgrade required — Want to import your own templates? Upgrade to get access." - **Screenshot:** `step09-import-templates-upgrade.png` ### Step 11: Support / FAQ - **URL:** `https://app.superfunnelsai.com/app/support/get-support` - **Accessible:** ✅ Yes - **FAQ content:** - Authentication requires GHL API connection + login session - "You need to use the exact same credentials you used to login to HighLevel" - Template import not available on all plans - **Screenshot:** `step12-support-faq.png` ### Step 12: Tutorials Modal - **4 tutorial videos available:** 1. "Connecting Super Funnels AI with HighLevel" (Getting Started) 2. "Creating a HighLevel funnel or website in Super Funnels AI" (Getting Started) 3. "Importing HighLevel templates to your Super Funnels AI account" (Getting Started) 4. "Importing a template from any HighLevel link" (Getting Started) - **Screenshot:** `step13-tutorials-modal.png` ### Step 13: Tutorial Video — Funnel Creation Wizard Revealed - **Video URL:** `https://www.youtube.com/watch?v=WVuQzcg1fs0` - **Title:** "Creating a HighLevel funnel or website in Super Funnels AI" - **Screenshot:** `step14-tutorial-video-showing-wizard.png` The video thumbnail clearly shows the **Funnel Creation Wizard Form** with these fields: | Field | Required | Placeholder/Description | |-------|----------|------------------------| | **Business Name** | MANDATORY FOR AI | "Name of the business" | | **Business Description** | MANDATORY FOR AI | "Describe the business in 2-3 sentences" | | **"FILL THE REST WITH AI" button** | N/A | Auto-fills remaining fields from name + description | | **Business niche** | Optional | "e.g., Local Bakery, Digital Marketing Agency, Fitness Studio, Restaurant, Law Firm" | | **Who is it for?** | Optional | "Describe the niche, role, or demographic you're targeting" | | **What are you offering?** | Optional | "Summarize the offer, service or product" | | **Value proposition** | Optional | "Explain the main problem you solve and the outcome you promise" | | **Why choose you?** | Optional | "Mention differentiators, proof, guarantees, awards, etc." | | **Call to action** | Optional | "e.g., Book a consult, Start free trial, Claim your seat" | | **Tone of Voice** | Optional | (visible but placeholder cut off) | | **Back / Let's GO! 🚀** | N/A | Navigation buttons | --- ## Technical Architecture & Findings ### Tech Stack - **Framework:** Laravel (PHP) with Filament admin panel - **Frontend:** Livewire (server-side rendering) + Alpine.js + React (for GHL login modal) - **Build tool:** Vite (app-CQli-r76.js bundle) - **Real-time:** Laravel Echo + WebSockets (attempting `wss://ws.app.theagencytoolkit.com`) - **CSS:** Tailwind CSS - **Hosting:** Cloudflare (CDN/proxy) - **Domain:** app.superfunnelsai.com (note: WebSocket domain is `app.theagencytoolkit.com`) ### API Endpoints Discovered | Endpoint | Method | Purpose | |----------|--------|---------| | `/api/ghl-session/login` | POST | Authenticate GHL credentials (proxied to GHL auth) | | `/api/ghl-session/extension` | POST | Store session from Chrome extension SSO | | `/api/funnel-clone/credentials` | DELETE | Forget stored GHL session | | `/livewire/update` | POST | Livewire component updates | | `/livewire/upload-file` | POST | File uploads | ### Chrome Extension Details - **Extension ID:** `dollonnbdephinbelejjjjeidfcncfod` - **Name:** Super Funnels AI SSO - **Version:** 0.1.1 - **Size:** 19.22 KB - **Developer:** Code & Beans AB (Swedish company) - **Developer contact:** nils@codeandbeans.se, +46 70 629 05 80 - **Communication:** Uses `window.postMessage` with types: - `GHL_EXTENSION_PING` (from app to extension) - `GHL_EXTENSION_READY` (from extension to app) - `GHL_EXTENSION_LOGIN_RESPONSE` (from extension to app) - **Session data captured:** refresh_token, sessionToken, refreshedToken, backendAuthToken, lcApiAuthToken, apiKey, companyId, userId, userType, locationId ### GHL Session Flow 1. User clicks "Use HighLevel Login Credentials" 2. React modal opens with email/password fields 3. POST to `/api/ghl-session/login` with `{email, password, remember}` 4. Server proxies to GHL auth, may return: - Success → page reloads, GHL connected - 2FA required → OTP modal shown - Account selection → multiple accounts picker shown - Invalid credentials → error message 5. On success, encrypted session is stored server-side 6. All subsequent GHL operations use this stored session ### Funnel Clone Job System The topbar shows a real-time progress tracker for funnel creation jobs: - **States:** idle → queued → running → completed/failed/cancelled - **Special state:** `awaiting_two_factor` (needs 2FA) - **Progress stages tracked in JS:** - Stage normalization with percentage mapping - Confetti animation on completion - Job status polling via API - LocalStorage persistence of job state - **Result data includes:** funnelUrl, builderUrl, locationId, funnelId - **GHL builder URL format:** `https://app.gohighlevel.com/v2/location/{locationId}/funnels-websites/funnels/{funnelId}/` ### Console Errors & Warnings 1. **WebSocket SSL Error:** `ERR_SSL_UNRECOGNIZED_NAME_ALERT` for `wss://ws.app.theagencytoolkit.com` — real-time features are broken 2. **Livewire Assets Outdated:** Persistent warning about published assets being out of date 3. **User ID Not Found:** Cannot initialize real-time notifications 4. **419 CSRF Error:** Token expiration during session 5. **Livewire Entangle Errors:** Properties `data.message` and `data.attachment` not found on support question component ### Security-Relevant Observations 1. **GHL Credentials Proxied:** The app acts as a credential proxy — users enter GHL email/password directly into SuperFunnels AI's modal, which then authenticates server-side 2. **"Remember my session (encrypted)"** — stores GHL session data encrypted server-side 3. **Session tokens captured:** Multiple token types stored (refresh_token, sessionToken, backendAuthToken, lcApiAuthToken, apiKey) 4. **CSRF protection:** Present (`OLq1l8a2zSmvCVKh9pE4lfldQC8MMarc0sakjTUQ`) 5. **WebSocket domain mismatch:** `app.theagencytoolkit.com` vs `app.superfunnelsai.com` — suggests rebranding or shared infrastructure 6. **Horizon accessible** (returned 403, not 404) — Laravel Horizon exists 7. **Log-viewer accessible** (returned 403, not 404) — Log viewer exists 8. **No rate limiting observed** on GHL login attempts --- ## What Would Happen If GHL Was Connected Based on the tutorial video, marketing site, and code analysis, the full funnel creation flow would be: ### Step 1: Template Selection - Choose from 500+ pre-built funnel templates - Or "Clone an Existing Funnel" by providing a GHL funnel URL - Templates categorized by industry/use case ### Step 2: Business Information (The Wizard Form) 1. Enter **Business Name** (required for AI) 2. Enter **Business Description** (required for AI) 3. Click **"FILL THE REST WITH AI"** — AI auto-generates: - Business niche - Target audience ("Who is it for?") - Offering description - Value proposition - Differentiators ("Why choose you?") - Call to action text - Tone of voice 4. User can edit any AI-generated field 5. Click **"Let's GO! 🚀"** ### Step 3: AI Content Generation - AI rewrites all template copy using the business information - All copy is made unique and brand-specific - Progress tracked in real-time via topbar ### Step 4: Deployment to GHL - Funnel is created directly in the user's GHL sub-account - Progress shown: queued → running → completed - On completion: confetti animation + link to open funnel in GHL builder - Funnel accessible at: `https://app.gohighlevel.com/v2/location/{locationId}/funnels-websites/funnels/{funnelId}/` --- ## Blocker Summary | Blocker | Impact | Workaround | |---------|--------|------------| | GHL Connection Required | **HARD BLOCK** — Cannot access Funnel Wizard | Need valid GHL credentials | | Free Plan (0 tokens) | Would limit funnel creation even if connected | Upgrade to paid plan | | WebSocket Errors | Real-time notifications don't work | Non-blocking, page can still function | **The GHL connection is a true server-side gate** — not just a frontend check. The `/app/funnel-cloner` route returns a 302 redirect to `/app` when GHL session is not active. There is no client-side bypass possible. --- ## Files & Screenshots | File | Description | |------|-------------| | `step01-dashboard-ghl-connect.png` | Dashboard with GHL connection prompt (sidebar visible) | | `step02-ghl-login-modal.png` | GHL login modal (empty) | | `step03-ghl-required-toast.png` | Toast notification: "HighLevel Connection Required" | | `step04-connect-ghl-full.png` | Full connection page with sidebar collapsed | | `step05-user-settings.png` | User settings page showing account details | | `step06-subscription-plans.png` | Full pricing page with 4 tiers | | `step07-funnel-builds-empty.png` | Empty funnel builds page | | `step08-templates-empty.png` | Empty templates page | | `step09-import-templates-upgrade.png` | Import templates - upgrade required | | `step10-ghl-login-filled.png` | GHL login modal with credentials entered | | `step11-ghl-login-invalid.png` | GHL login error: "Invalid email or password" | | `step12-support-faq.png` | Support FAQ page | | `step13-tutorials-modal.png` | Tutorials modal showing 4 videos | | `step14-tutorial-video-showing-wizard.png` | Video thumbnail revealing the funnel wizard form | --- ## Key Takeaways 1. **SuperFunnels AI is fundamentally a GHL integration tool** — it cannot function standalone 2. **The AI wizard collects 9 fields of business data** — 2 required, 7 optional (auto-fillable by AI) 3. **Revenue model is one-time credit purchases** ($0-$1,297) — not subscriptions 4. **The Chrome extension captures multiple GHL auth tokens** — refresh, session, backend auth, LC API auth, and API key 5. **Developer is Code & Beans AB** (Sweden), contact: nils@codeandbeans.se 6. **WebSocket infrastructure uses `theagencytoolkit.com`** domain — separate from main app domain 7. **Tutorial video URL:** https://www.youtube.com/watch?v=WVuQzcg1fs0 — shows complete wizard 8. **The app has multiple infrastructure issues** — broken WebSockets, outdated Livewire assets, CSRF token expiration