phoenix-liveview
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security issues were detected in the provided Phoenix LiveView code snippets. The skill serves as a reference for legitimate development patterns.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill describes patterns for ingesting untrusted user data through LiveView events and parameters. 1. Ingestion points: handle_event/3 and handle_params/3 in SKILL.md accept external parameters from the user/browser. 2. Boundary markers: Absent, as these are code templates for implementation rather than processed data. 3. Capability inventory: The patterns include database operations (Posts.create_post) and file system operations (File.cp!). 4. Sanitization: The examples correctly demonstrate the use of Ecto Changesets and pattern matching to validate and sanitize incoming data before execution.
Audit Metadata