HM Honeypot Med Prompt-injection evidence for healthcare AI
Live widget · runs in your browser · zero servers

Scan a prompt for prompt-injection patterns, locally.

Paste a healthcare AI prompt below. The rule engine runs in this tab. The prompt never leaves your browser, never hits a server, and never gets logged. You get a verdict, severity counts, and a shareable link that contains only the verdict and the rule ids that fired (never the prompt).

Run the full 10-trap challenge Open GitHub
Live scan

Paste a prompt. Get a verdict.

The same regex pipeline ships in the Python CLI. Verdict logic mirrors bundle_verdict 1:1.

No network calls. No telemetry. The prompt stays in this tab.
Try one of these

Three prompts pulled from the live attack packs.

Click to auto-fill. Each maps to a real workflow shape (claims, prior auth, eligibility) that healthcare AI teams already worry about.

On a paste-the-prompt surface the widget caps at REVIEW because there are no tool-call traces to prove the exploit. To see a true BLOCK verdict on the same prompt, run python app.py challenge locally. The CLI checks tool names, tool args, and model output for evidence and promotes proven findings to high or critical.

What gets shared

The shareable link never carries your prompt.

The ?run=... URL only contains the verdict, the severity counts, and the rule ids that fired. The original prompt text stays on your device.