diff --git a/src/backend/routes/aiProxyRoutes.ts b/src/backend/routes/aiProxyRoutes.ts
index 5983ca1..e5d6d0e 100644
--- a/src/backend/routes/aiProxyRoutes.ts
+++ b/src/backend/routes/aiProxyRoutes.ts
@@ -314,6 +314,8 @@ function sanitizeInput(input: string): string {
 return input
 .replace(/[<>]/g, '') // Remove potential HTML tags
 .replace(/javascript:/gi, '') // Remove javascript: URLs
+ .replace(/data:/gi, '') // Remove data: URLs
+ .replace(/vbscript:/gi, '') // Remove vbscript: URLs
 .replace(/on\w+=/gi, '') // Remove event handlers
 .trim();
 }
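Review bot: The two added `.replace()` calls extend a deny-list in which each pattern is applied once, in a fixed order, so the chain is not idempotent: removing `data:` or `vbscript:` can leave behind text that an earlier step such as the `javascript:` one was meant to catch. Stripping `data:` from free text also silently rewrites ordinary input like "metadata: …", which matters if this value is forwarded as a prompt; the callers are not visible here, and the signature of `sanitizeInput` sits above the hunk. If the goal is XSS prevention, I would encode at the point of rendering and allow-list URL schemes where a URL is actually expected, rather than growing this list. At minimum, re-run the chain until the output stops changing and add a comment such as `// Best-effort stripping only; output must still be encoded at the sink`.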