If I understand your requirement correctly, you want to ensure that users are not entering malicious URLs / or said malicious URLs are purged / not stored from the databse?
You can subscribe for a threat intelligence service, like virus total, and have a backend app logic to check each entered URL against the API of such service for the URL score. Then based on the returned score you can consider it benign or malicious and take necessary actions (like, not saving it from the database, or if acting retrospectively, purge the entry).
Hope that make sense.
Regards,
Rosen