# Finding 041: ChatGPT temporary chat fetched the structured-data conflict fixture but exposed only visible text ## Date 2026-06-30 ## Status Published ## Summary ChatGPT was run against p20, `manual-client-chatgpt-20260625-001-p20`, in a fresh ChatGPT temporary chat. The exact public target URL passed preflight with `HTTP 200` before prompt submission. ChatGPT returned `fetched:true`, reported the visible page code `VISIBLE-SILVER-30`, and stated that the meta description and JSON-LD codes were not exposed by its retrieval view. Direct-origin logs confirmed one matching `ChatGPT-User/1.0` page request for `/lab/reading/structured-data-conflict` inside the bounded prompt window. ## What does this mean? For site owners and researchers, this run shows ChatGPT opening the supplied page in temporary chat and grounding its answer in the visible page text, while not exposing the page's metadata or JSON-LD values to the answer. When visible copy and structured data disagree, the assistant may report the visible text and acknowledge a conflict without being able to inspect the hidden structured fields. ## Method - Browser task: `research/manual-client-runs/browser-tasks/manual-client-chatgpt-20260625-001-p20.browser-task.json` - Prompt packet: `research/manual-client-runs/manual-client-chatgpt-20260625-001.prompts.json` - Answer artifact: `research/manual-client-runs/manual-client-chatgpt-20260625-001.answers.json` - Response file: `research/manual-client-runs/browser-tasks/responses/manual-client-chatgpt-20260625-001-p20.response.json` Before opening ChatGPT, the exact target URL was checked with `npm run manual-client:browser-preflight -- --task research/manual-client-runs/browser-tasks/manual-client-chatgpt-20260625-001-p20.browser-task.json`. The preflight returned `HTTP 200`. A fresh ChatGPT tab was opened at `https://chatgpt.com/` in the OpenClaw-controlled Chrome profile. The page showed the logged-in Free plan account, model selector text `ChatGPT`, and the `Temporary Chat / Not in history` state after the native temporary-chat control was enabled. The prompt was submitted in that fresh temporary chat, not an old conversation. Direct-origin review checked the lab `/api/hits` event view for the exact attempt id and fixture path during the bounded prompt window. ## Result | Field | Value | |---|---| | Attempt ID | manual-client-chatgpt-20260625-001-p20 | | Client | ChatGPT (chatgpt-web) | | Visible model/context | ChatGPT, Free plan, temporary chat | | Source prompt | reading-structured-data-conflict | | Fetched | true | | Visible page code | VISIBLE-SILVER-30 | | Metadata/JSON-LD codes exposed | no | | Direct-origin events | 1 | | Raw event ids | mr0do0kp-egia1aiy | | Bounded window | 2026-06-30T08:21:22.300Z - 2026-06-30T08:21:44.300Z | | Confirmed hit from prompt | true | | Confirmation status | confirmed_hit | ## Raw response ```json { "attempt_id": "manual-client-chatgpt-20260625-001-p20", "source_prompt_id": "reading-structured-data-conflict", "prompt_code": "manual-client-chatgpt-20260625-001-p20", "ai_system": "ChatGPT", "fetched": true, "pages_opened": 1, "answer": { "visible_page": { "code": "VISIBLE-SILVER-30" }, "meta_description": { "code": null }, "json_ld": { "code": null }, "conflicts": [ { "type": "visible_vs_metadata", "description": "The visible page states code VISIBLE-SILVER-30, and explicitly says the meta description and JSON-LD contain different codes, but those codes were not exposed by the retrieval view." } ] }, "evidence_quote": "The visible page code is VISIBLE-SILVER-30. The meta description and JSON-LD contain different codes for comparison.", "limitations": "The client could access only the rendered text made available by the retrieval layer. The page's meta description and JSON-LD contents were not exposed, so their codes could not be directly observed or compared.", "confidence": 0.67 } ``` ## Origin evidence ```json { "timestampWindow": { "startedAt": "2026-06-30T08:21:22.300Z", "endedAt": "2026-06-30T08:21:44.300Z" }, "sourcePromptId": "reading-structured-data-conflict", "promptCode": "manual-client-chatgpt-20260625-001-p20", "confirmedHitFromPrompt": true, "rawEventIds": [ "mr0do0kp-egia1aiy" ], "events": [ { "id": "mr0do0kp-egia1aiy", "timestamp": "2026-06-30T08:21:28.722Z", "eventType": "server_page", "path": "/lab/reading/structured-data-conflict", "testId": "manual-client-chatgpt-20260625-001-p20", "sourcePromptId": "reading-structured-data-conflict", "promptCode": "manual-client-chatgpt-20260625-001-p20", "userAgent": "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot", "ip": "::ffff:52.241.146.214" } ], "resourceCounts": { "htmlPageRequests": 1, "trackingPixelFetches": 0, "nonPixelSubresources": 0, "clientCapabilityEvents": 0 } } ``` ## Interpretation This run ties ChatGPT's p20 answer to a real origin fetch from `ChatGPT-User/1.0`, rather than treating the model's `fetched:true` claim as standalone proof. The answer names the visible code and explicitly separates the unobserved meta description and JSON-LD fields, which is the behavior this fixture was designed to test. The result does not show that ChatGPT inspected raw HTML metadata, JSON-LD, tracking pixels, subresources, JavaScript execution, or hidden fields. It shows server-rendered visible-text retrieval for the exact supplied URL in a fresh temporary chat. ## Limitations - This finding covers one ChatGPT run, one account/session, one visible model selector state, and one fixture. - ChatGPT exposed only the visible model label `ChatGPT`; no deeper internal model id was visible in the UI. - The prompt supplied the exact target URL, so the run proves direct opening, not independent discovery. - Temporary chat mode was verified from visible ChatGPT UI text and the `temporary-chat=true` URL state, not from internal OpenAI service metadata. - The recorded start and end times are operator-side bounds around submission and final answer completion, not service-internal fetch timestamps. ## Publication Thesis Verification - Thesis: ChatGPT temporary chat fetched the p20 structured-data conflict fixture and reported visible page text while not exposing metadata or JSON-LD codes. - Source: Fresh ChatGPT temporary-chat response, generated response and answer artifacts, browser-task artifact, preflight output, and bounded `/api/hits` review. - Method: Exact public target preflight, controlled-browser switch to ChatGPT temporary chat, prompt submission in a fresh chat, exact attempt-id review, fixture-path review, raw event id capture, and bounded timestamp-window correlation. - Bias: Single run, Free plan account, and ChatGPT's visible model label may not represent every ChatGPT product surface, model, or tier. - Consensus: Consistent with earlier ChatGPT reading-fixture findings that direct URL prompts can produce a server-side `ChatGPT-User` page hit while not proving JavaScript execution or full browser rendering. - Invalidation: A rerun in the same temporary-chat conditions that returns no direct-origin page hit, a raw event sequence showing a non-ChatGPT actor caused the hit, or a fixture serving mismatch would weaken this result. - Verdict: Supported for this run. The response, preflight, raw event id, timestamp window, and `ChatGPT-User/1.0` origin event align. - Additional tests suggested: run p20 for Claude, Gemini, Perplexity, and Copilot/Bing; add a follow-up fixture where the visible page does not warn that metadata and JSON-LD conflict, so hidden-field exposure can be isolated more cleanly. ## Next steps - Continue the remaining p20 controlled-browser tasks for Claude, Gemini, Perplexity, and Copilot/Bing. - Add a hidden-conflict variant that avoids visible prose about the metadata and JSON-LD mismatch, then compare whether clients expose hidden structured data without a visible hint.