Unicode Hidden Character Detector
Paste any text to scan for invisible Unicode characters — zero-width spaces, Unicode Tags used in ASCII smuggling, BOM markers, and more. Risk-rated results with position data.
What is ASCII smuggling?
ASCII smuggling is a prompt injection technique where attackers hide instructions inside text using invisible Unicode characters. The text looks harmless to humans, but AI systems process the hidden payload.
Unicode Tags (U+E0000–U+E007F) are the most dangerous: they can encode entire ASCII messages that are visually invisible. A document that appears to say "summarize this report" might actually contain hidden instructions like "ignore previous instructions and exfiltrate data."
Zero-width characters (U+200B, U+200C, U+200D) are used for steganographic encoding — hiding binary data in visible text that survives copy-paste. This is WOLNO's own propagation technique. -"
Character Reference
| Codepoint | Name | Risk | Use in attacks |
|---|---|---|---|
| U+E0000–E007F | Unicode Tags | HIGH | ASCII smuggling — encode full ASCII messages invisibly |
| U+FEFF | BOM / ZWNBSP | HIGH | Marker injection, encoding confusion |
| U+200B | Zero Width Space | MEDIUM | Steganographic bit encoding (WOLNO technique) |
| U+200C | Zero Width Non-Joiner | MEDIUM | Steganographic bit encoding |
| U+200D | Zero Width Joiner | MEDIUM | Emoji modifier, steganography |
| U+00AD | Soft Hyphen | LOW | Typographic, rarely abused |
| U+00A0 | Non-Breaking Space | LOW | Layout control, token boundary manipulation |