API Documentation

HTSBP provides a free, open REST API and MCP server for checking domains and URLs against our threat intelligence database of indirect prompt injection (IDPI) attacks.

Base URL: https://hasthissitebeenpoisoned.ai/api

check-domain

GET /api/check-domain?domain={domain}

Check if a domain hosts known IDPI attacks targeting AI agents.

Parameters

Name    Type    Required  Description
domain  string  Yes       Domain to check

curl -s "https://hasthissitebeenpoisoned.ai/api/check-domain?domain=reviewerpress.com" | jq .

Response (malicious)

{
  "domain": "reviewerpress.com",
  "is_malicious": true,
  "threats": [
    {
      "severity": "critical",
      "intent": "ad_review_bypass",
      "techniques": ["zero_font_size", "css_display_none"],
      "description": "First known real-world AI ad review bypass...",
      "source": "unit42",
      "first_seen": "2025-12-15T00:00:00Z",
      "last_seen": "2026-03-03T00:00:00Z",
      "is_active": true
    }
  ]
}

Response (not found)

{
  "domain": "example.com",
  "is_malicious": false,
  "threats": []
}

check-url

GET /api/check-url?url={url}

Check a specific URL. Extracts the domain and checks for threats, also matching URL-specific entries.

Name  Type    Required  Description
url   string  Yes       Full URL to check

curl -s "https://hasthissitebeenpoisoned.ai/api/check-url?url=https://cblanke2.pages.dev/" | jq .

list-threats

GET /api/list-threats

List known IDPI threats with optional filters. All parameters are optional.

Name      Type    Default  Description
severity  string  -        critical, high, medium, low
intent    string  -        Filter by attack intent
limit     number  20       Max results (1–50)
offset    number  0        Pagination offset

curl -s "https://hasthissitebeenpoisoned.ai/api/list-threats?severity=critical&limit=10" | jq .

stats

GET /api/stats

Returns aggregate statistics about the threat database.

curl -s "https://hasthissitebeenpoisoned.ai/api/stats" | jq .

MCP Server

Connect your AI tools directly to HTSBP threat intelligence via the Model Context Protocol.

Connection Guide

Add this to your MCP client configuration (Claude Desktop, Cursor, Windsurf, etc.):

{
  "mcpServers": {
    "htsbp": {
      "url": "https://hasthissitebeenpoisoned.ai/api/mcp-sse"
    }
  }
}

Available Tools

check_domain

Check if a domain hosts known IDPI attacks targeting AI agents.

Input: { domain: string }

check_url

Check if a specific URL contains known IDPI payloads.

Input: { url: string }

list_threats

List known IDPI threats with optional filters.

Input: { severity?: string, intent?: string, limit?: number }

Example Conversations

User: Before you visit reviewerpress.com, check if it's safe.
AI: I'll check that domain with HTSBP first.
Tool call: check_domain({ domain: "reviewerpress.com" })
AI: Warning: reviewerpress.com is flagged as hostile. It contains 24 IDPI injection attempts using techniques like zero-size fonts and CSS hiding. This site attempts to bypass AI ad review processes. I will not visit this domain.

Sample Scripts

Python

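import requests
from urllib.parse import urlparse

def check_domain(domain: str) -> dict:
    # A timeout keeps a stalled lookup from hanging the caller.
    resp = requests.get(
        "https://hasthissitebeenpoisoned.ai/api/check-domain",
        params={"domain": domain},
        timeout=10,
    )
    # Raise on HTTP errors instead of parsing an error body as a verdict.
    resp.raise_for_status()
    return resp.json()

def is_safe(url: str) -> bool:
    # .hostname drops any userinfo and port that .netloc would keep.
    domain = urlparse(url).hostname
    if not domain:
        return False
    result = check_domain(domain)
    # Fail closed: only an explicit "is_malicious": false counts as safe.
    return result.get("is_malicious") is False

result = check_domain("reviewerpress.com")
print(f"Malicious: {result['is_malicious']}")
for threat in result.get("threats", []):
    print(f"  - [{threat['severity']}] {threat['intent']}: {threat['description']}")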
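A fail-closed gate over the check-domain response shape documented above, as an added example that is not HTSBP's own code. The names `lookup_host`, `decide` and the `min_severity` policy setting are hypothetical, and the sample dictionaries are trimmed copies of this page's example responses, so the block runs offline.

```python
from urllib.parse import urlsplit

# Severity names from the list-threats table, ranked lowest to highest.
SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

# Constructed samples: trimmed copies of the two check-domain responses on this page.
SAMPLE_MALICIOUS = {"domain": "reviewerpress.com", "is_malicious": True, "threats": [
    {"severity": "critical", "intent": "ad_review_bypass", "is_active": True}]}
SAMPLE_CLEAN = {"domain": "example.com", "is_malicious": False, "threats": []}


def lookup_host(url):
    """Host to send as ?domain=: lower-cased, without userinfo, port or trailing dot."""
    parts = urlsplit(url if "://" in url else "//" + url)
    if not parts.hostname:
        raise ValueError(f"no hostname in {url!r}")
    return parts.hostname.rstrip(".")


def decide(response, min_severity="low"):
    """Map a check-domain response to (allow, reason); anything unexpected blocks."""
    if not isinstance(response, dict):
        return False, "malformed response"
    flagged, threats = response.get("is_malicious"), response.get("threats")
    if not isinstance(flagged, bool) or not isinstance(threats, list):
        return False, "malformed response"
    if not flagged and not threats:
        return True, "no known threats"
    if not threats:
        return False, "blocked: flagged without threat details"
    floor, worst = SEVERITY_RANK[min_severity], None
    for threat in threats:
        entry = threat if isinstance(threat, dict) else {}
        sev = entry.get("severity")
        # An unrecognised severity ranks as critical so it cannot slip under the floor.
        rank = SEVERITY_RANK.get(sev, 3) if isinstance(sev, str) else 3
        if rank >= floor and (worst is None or rank > worst[0]):
            worst = (rank, sev, entry.get("intent", "unknown"))
    if worst is None:
        return True, "only threats below the configured severity floor"
    return False, f"blocked: {worst[1]} threat ({worst[2]})"


if __name__ == "__main__":
    for sample in (SAMPLE_MALICIOUS, SAMPLE_CLEAN, {"error": "constructed error body"}):
        print(decide(sample))
```

Pass the parsed JSON from `check_domain(lookup_host(url))` to `decide` and treat any exception from the lookup itself as a block.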

Node.js / TypeScript

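const HTSBP_BASE = "https://hasthissitebeenpoisoned.ai/api";

async function checkDomain(domain: string) {
  const res = await fetch(`${HTSBP_BASE}/check-domain?domain=${encodeURIComponent(domain)}`);
  // Surface HTTP errors instead of treating an error body as a clean verdict.
  if (!res.ok) throw new Error(`HTSBP lookup failed: HTTP ${res.status}`);
  return res.json();
}

// Top-level await requires an ES module.
const result = await checkDomain("cblanke2.pages.dev");
if (result.is_malicious) {
  // threats may be empty even when the domain is flagged, so guard the index.
  console.warn(`BLOCKED: ${result.threats[0]?.description ?? "flagged by HTSBP"}`);
}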

cURL

curl -s "https://hasthissitebeenpoisoned.ai/api/check-domain?domain=reviewerpress.com" | jq .
curl -s "https://hasthissitebeenpoisoned.ai/api/list-threats?severity=critical&limit=10" | jq .
curl -s "https://hasthissitebeenpoisoned.ai/api/stats" | jq .

MCP Client (TypeScript)

import { Client } from "@modelcontextprotocol/sdk/client/index.js";
import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";

const transport = new SSEClientTransport(
  new URL("https://hasthissitebeenpoisoned.ai/api/mcp-sse")
);
const client = new Client({ name: "my-app", version: "1.0.0" });
await client.connect(transport);

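// callTool takes a single request object holding the tool name and its arguments.
const result = await client.callTool({
  name: "check_domain",
  arguments: { domain: "reviewerpress.com" },
});
console.log(result);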

Report a Threat

Found a website with hidden prompt injection targeting AI agents? Report it via GitHub Issues.

Report a Suspected IDPI Site

When reporting, please include:

  • The full URL of the suspected page
  • Your estimated severity (critical / high / medium / low)
  • A description of what hidden instructions or suspicious behavior you observed