scanTrojanSource()

Defined in: trojan.ts:53

Trojan Source detector.

Detects unsafe usage of Unicode Bidirectional (BIDI) control characters that can cause the visual order of text to differ from its logical order.

These attacks allow malicious code or instructions to appear benign to reviewers while executing differently when interpreted by compilers, interpreters, or LLMs.

Detection rules:

PST001 — Matched BIDI override sequence PST002 — Unterminated BIDI override sequence

Parameters

text

string

options?

ScanOptions = {}

Returns

ThreatReportWithoutLocation[]