What a human in a normal browser sees. Rendered in a sandboxed iframe with no scripts or same-origin access.
What the agent ingests — visible text plus hidden, ARIA-only, decoded, and off-screen content. Trap excerpts are highlighted.
Each finding maps to a detector family and a severity weight. Click a card to jump to its excerpt in the agent view.
The agent-safe text payload. Hidden nodes, ARIA traps, off-screen paragraphs, and decoded directives have been stripped. Paste this into your agent instead of the raw page.
How it works
-
Fetch the page like an agent would
TrapScout reads the page the way a browser-using agent does — visible text, plus ARIA, alt, title, hidden nodes, off-screen content, and the decoded contents of base64 / hex / zero-width payloads.
-
Run eight detector families
DOM hiding, CSS hiding, ARIA / alt / title, instruction phrasing, encoded payloads, fake tool-call structure, credential exfil, and policy override. Each finding carries a severity weight and a plain-English mitigation.
-
Score and clean
The page gets a 0–100 score. A copy-pasteable cleaned prompt strips the trap content so you can feed your agent text it can actually trust.