Published just now • Last updated July 17, 2026 • ⏱️ 2 min read

I read a post by Liran Tal on invisible unicode characters to hack Gemini. Immediately I thought this would be a useful Hackvertor tag and then I realised I hadn't actually described how to create one and the cool features they have so I thought I'd write a post.
To create this tag literally took a couple of minutes. Here's the prompt I gave to the AI:
Read this article:
https://lirantal.com/blog/gemini-cli-invisible-unicode-skill-injection
Then write me a Hackvertor tag that produces the invisible unicode:
class invisibleUnicode { encode(input, arg1) { return output; } decode(input, arg1) { let output = decodeURIComponent(input); //This method is called to decode the input //This is optional. Remove it if not used. return output; } startsWith(input) { //this is used to automatically detect the encoding //This is optional //Always use ^ at the start with no $ at the end return /^(?:%[a-f0-9]{2})+/i.exec(input); } matches(input) { //this is used to match the whole encoding encoding //This is optional //Always use ^ at the start with and $ at the end return /^(?:%[a-f0-9]{2})+$/i.exec(input); } }
I used ChatGPT to do this but it probably would work in any model. So each tag has a encode and decode method which does what you expect. But the real power is the startsWith and matches methods.
These enable you to evolve the auto-decode features in Hackvertor, this means it actually learns how to decode it and reproduce it and even nested encodings! What do I mean? Well, let's take some invisible unicode and now actually knows about it and it auto-decodes it reproduces it just from the JS tag the AI supplied. Check the auto-decode box to see Hackvertor decoded it and reproduces the tags.
You can see the source code. It supports nesting too because Hackvertor runs all the tags on the input and decides the best result. Here's an example of base64->hex entities->invisible unicode. Note I'm using invisible unicode as an example but any tag can evolve the auto-decoder in this way.
If you are a web security researcher give Hackvertor a try, it really helps make complex attacks really simple.