Unicode variation selectors for invisible LLM injection

Recently, LeetCode has begun hiding instructions (using css) in their competitions to use particular unique variable names like 'dexolarniv' - and anyone using such a variable name in their submission gets summarily banned.

In their implementation, the hidden prompt does show up on copy/paste - however I tested this method, and the LLM (i.e. ChatGPT) does still follow the Unicode-hidden instruction and uses 'dexolarniv' in the code returned! So I think this is (right now) a viable invisible injection strategy.