HoneyMap Surfaces

← AgentPwn stats

In-the-wild AI-injection surfaces observed on public web pages. Sourced from CommonCrawl passive crawls.Last updated: 5/11/2026, 17:18:49 UTC

Total Surfaces
343
Unique Domains
273
Unique Pages
343
Avg Surfaces / Domain
1.26

Surfaces Per Day

last 30 days

Count of first-seen surfaces per UTC day. Re-observations of the same URL+signature do not increment this series.

2026-04-122026-05-11313

Top Surface Types

Where injections are being planted on the page

  • #1script_literal133
  • #2html_comment81
  • #3hidden_text78
  • #4alt_aria35
  • #5meta_tag10
  • #6data_attr6

Top Attack Classes

AIIS taxonomy class for matched payloads

  • #1UNICODE-STEGO187
  • #2SOUL-INJECT156

Top AIIS Signatures

aiis-signatures on GitHub →

Signature IDs link to the public AIIS repository. Counts are total hits observed on active surfaces.

SignatureHitsDistribution
#1AIIS-UNICODE-TAG-BLOCK-01187
#2AIIS-HIDDEN-JAILBREAK-DAN-01149
#3AIIS-ATTR-IGNORE-INST-017

How This Data Is Collected

HoneyMap is a passive scanner that reads WARC archives from CommonCrawl and extracts AI-injection surfaces (hidden text, HTML comments, meta tags, JSON-LD, and other vectors). Each extracted surface is matched against the public AIIS signature set.

Privacy: HoneyMap stores no user data. Matched payload text is base64-encoded at extraction time and replaced with a sanitized preview before any storage. Raw payloads are not retained on the public API path.

Counts on this page: reflect active surfaces only. Surfaces marked as mitigated, removed, or false-positive are excluded.