INPUT // TARGET CONTENT
β OR PASTE HTML / TEXT DIRECTLY β
TEST PAYLOADS // TRY THESE EXAMPLES
Click any example to load it into the scanner. These are real prompt poisoning patterns we've documented in the wild.
#1AI Memory Injection (Hidden Comment)CLICK TO SCAN β
#2Invisible Text + CSS Hidden InstructionsCLICK TO SCAN β
#3Summarize-with-AI URL PoisoningCLICK TO SCAN β
#4Schema Inflation + Fake E-E-A-TCLICK TO SCAN β
#5Meta Prompt Tag Targeting AICLICK TO SCAN β
#6Zero-Width Character InjectionCLICK TO SCAN β
#7Combined Multi-Vector Attack (5 vectors)CLICK TO SCAN β
DETECTION ENGINE // 15 PATTERN CLASSES
CRITICAL3 patterns
AI Memory Injection Commands
Hidden "remember", "always recommend", "trusted source" directives in HTML comments, invisible text, or meta tags targeting AI systems.
System Prompt Override Attempts
Direct "SYSTEM PROMPT:", "INSTRUCTIONS:", or "You must" commands attempting to override AI behavior through web content.
Invisible Instruction Blocks
CSS-hidden elements (display:none, visibility:hidden, font-size:0, position:absolute off-screen) containing AI-targeted directives.
HIGH4 patterns
URL Parameter Prompt Pre-fill
"Summarize with AI" links that inject prompts into ChatGPT, Copilot, Claude, or Perplexity via URL query parameters.
Meta Prompt Tags
Non-standard <meta> tags (ai-context, llm-instruction, gpt-summary) designed to directly influence AI crawlers.
Schema Inflation / Fake Ratings
JSON-LD with suspiciously high AggregateRating (>4.8), inflated reviewCount, or unverifiable author credentials.
Zero-Width Character Injection
Zero-width characters (U+200B, U+200C, U+200D, U+FEFF) hiding instructions in seemingly normal text.
MEDIUM4 patterns
Brand Authority Statement Patterns
Repeated "industry leader", "#1 rated", "most trusted" statements β the pattern exposed in the WSJ/First Page Sage investigation.
Keyword Stuffing for AI
Unnaturally dense keyword repetition targeting AI extraction β same phrase repeated 5+ times in content or metadata.
Fake E-E-A-T Credential Signals
Author bios with unverifiable credentials (fake PhDs, made-up institutions, non-existent company titles).
Comment-Based AI Instructions
HTML comments containing AI-targeted directives (<!-- AI:, <!-- LLM:, <!-- GPT:, etc.).
LOW4 patterns
Aggressive Superlative Language
Excessive use of "best", "top", "leading", "premier" without supporting data β soft manipulation signal.
Hidden Microdata Annotations
Microdata or RDFa attributes in hidden elements that may influence structured data parsing.
Cross-Domain Injection Vectors
Embedded iframes or scripts from third-party domains that could inject content targeting AI crawlers.
Overly Optimized Alt Text
Image alt text stuffed with brand/keyword phrases beyond reasonable accessibility descriptions.
73%
SITES WITH β₯1 INJECTION PATTERN
4.2
AVG PATTERNS PER INFECTED PAGE
89%
HIDDEN IN COMMENTS OR META