I personally have zero "antivirus" apps. There are no actual "viruses" for Android (malware that can propagate itself between devices), the main malware risk is the "trojan" variety, i.e. malware, or a malware downloader, hidden inside what the victim thinks is an innocent app. This is why being careful where you install apps from is the main protection, with being careful about what apps you install even from legitimate sources being the second line of defense (malware does sometimes get into the Play Store, so apps that seem to request a lot more permissions than they would need for their function should be avoided. The tricky thing being knowing what permissions make sense if you aren't particularly technical!). The probability of encountering this stuff in the Play Store is not high, and does vary between countries. But for myself I figure that a touch of common sense about installation and some knowledge of common phishing cons is sufficient.
I have heard stories about different AV apps confusing each other (i.e. one reports the other as malware), but have never experienced that. They do also report false positives, so if you get an alert from one it might do no harm to have a second opinion available.
Clicking on a link is not going to magically give someone that sort of access to your phone. The risk is downloading and installing malware. It's possible for a script on a webpage to trigger a download (though you should see a notification about it), but making it install is a different matter. This is however why I never grant a web browser the ability to install apps(*).
(*) And I am quietly - or not so quietly - appalled that so many web browsers can actually be granted the permission to install apps. Because if you do that it just requires someone to figure out how to write a script that can tell the browser to install what they just downloaded, and even if they don't the download will likely be followed by a prompt to install which a careless person might click. So to me it's just a triumph of convenience over security to ever grant a browser permission to install an app, and if I was boss of Google for a day I'd bar any browser from doing that - starting with Chrome! The good news is that browsers don't have that permission by default, you have to actively enablet it, and you would know if you had done so (so no need to panic!).