Has This Site Been Poisoned?
Check if a domain has been poisoned to attack AI agents
Protecting AI agents from weaponized websites
—
threats tracked
—
domains flagged
—
data sources
—
critical severity
What is Indirect Prompt Injection?
1.
Hidden Instructions
Attackers embed invisible instructions in web pages using techniques like zero-size fonts, CSS hiding, or HTML comments.
2.
AI Agent Visits
When an AI agent browses the page (e.g. for research, ad review, or shopping), it reads the hidden text along with visible content.
3.
Hijacked Behavior
The hidden instructions override the agent's task — approving scam ads, leaking data, making unauthorized purchases, or destroying files.
Protect Your AI Agents
Integrate HTSBP into your workflow via REST API or MCP server.