simple solution:
preprocess any input to agents by restricting them to a set of visible characters / filtering out suspicious ones
simple solution:
preprocess any input to agents by restricting them to a set of visible characters / filtering out suspicious ones
Not sure about internationalization but at least for English, constraining to ASCII characters seems like a simple solution.
Nasty characters should be rather common in your test cases.