| { |
| "model": { |
| "type": "BPE", |
| "vocab": { |
| "!": 0, |
| "\"": 1, |
| "#": 1 |
| } |
| }, |
| "description": "Benign sample data: looks like phishing or payloads in places, but is safe when treated as JSON only.", |
| "clickable_url": { |
| "label": "Example documentation link", |
| "href": "https://example.com/", |
| "note": "IANA-reserved domain; safe placeholder for link tests." |
| }, |
| "embedded_image": { |
| "alt": "Small SVG inline as data URL (green square only)", |
| "src": "data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16'%3E%3Crect fill='%23008000' width='16' height='16'/%3E%3C/svg%3E", |
| "remote_fallback": "https://www.w3.org/Assets/w3c_logo.svg" |
| }, |
| "looks_like_credentials_but_is_fake": { |
| "username": "demo_user_not_real", |
| "password": "hunter2_is_a_meme_not_a_secret" |
| }, |
| "escaped_html_as_data_not_dom": { |
| "html_fragment": "<a href=\"https://example.org/\">Click me (string only)</a><img src=\"https://www.w3.org/Assets/w3c_logo.svg\" alt=\"W3C\" />" |
| }, |
| "javascript_url_as_literal_string": { |
| "do_not_use_as_href": "javascript:alert('This is only text inside JSON; it does not execute here.')" |
| }, |
| "shell_like_strings": { |
| "command_looking": "curl -s https://example.com/ | head -n 1", |
| "note": "Plain string; not executed by JSON parsers." |
| }, |
| "base64_looking_but_harmless": { |
| "payload": "SGVsbG8sIHRoaXMgaXMganVzdCBiYXNlNjQgZW5jb2RlZCB0ZXh0Lg==", |
| "decoded_hint": "Decodes to a simple English sentence, not binary malware." |
| }, |
| "ipv4_that_looks_suspicious": { |
| "address": "127.0.0.1", |
| "context": "Loopback; common in examples, not an attack by itself." |
| }, |
| "unicode_homoglyph_example": { |
| "display": "exаmple.com", |
| "warning": "Contains Cyrillic 'а' (U+0430) instead of Latin 'a' — safe to store, but teaches URL review.", |
| "safe_ascii_equivalent": "example.com" |
| } |
| } |
|
|
