Skip to content
ATR-2026-00129criticalSkill Compromiseexperimental

Unicode Tag Character Smuggling

Detects Unicode Tag characters (U+E0001-U+E007F) and other invisible Unicode ranges used to smuggle hidden instructions in SKILL.md files. These characters are invisible in most editors and renderers but are processed by AI agents as text. Snyk ToxicSkills research (Feb 2026) documented this as "ASCII smuggling" — invisible payloads that agents read but humans cannot see.

嚴重度
critical
類別
Skill Compromise
掃描目標
skill
作者
ATR Community

建議回應

alertblock input

參考資料

OWASP LLM
LLM01:2025 - Prompt Injection
在 GitHub 上查看完整 YAML →

更多 Skill Compromise 規則

ATR-2026-00060highMCP Skill Impersonation and Supply Chain AttackATR-2026-00120criticalSKILL.md Prompt InjectionATR-2026-00121criticalMalicious Code in Skill PackageATR-2026-00122highWeaponized Skill — Agent as Attack ToolATR-2026-00123highOver-Privileged Skill — Excessive Permissions