NYC

flutter-markdown-view-with-material-3

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface identified in the MarkdownView widget rendering logic.
      * Ingestion points: The widget accepts an untrusted String through the 'markdown' parameter.
      * Boundary markers: No delimiters or boundary instructions are used to isolate the rendered content.
      * Capability inventory: The component can launch external URLs via 'launchUrl' and perform internal application navigation via 'context.push'.
      * Sanitization: No sanitization of the markdown input or validation of the link destinations is implemented in the provided snippet.
Audit Metadata
  Risk Level: LOW
  Analyzed: Feb 16, 2026, 02:42 AM