hwc-media-content
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerability to Indirect Prompt Injection (Category 8) due to unsafe interpolation of untrusted data into the DOM.
  - Ingestion points: user-provided file names in references/2024-09-17-stimulus-image-upload-previews.md, and marker descriptions/IDs in references/2024-07-02-stimulus-wavesurfer-add-markers.md and references/2024-07-30-stimulus-wavesurfer-remove-markers.md.
  - Boundary markers: none identified; inputs are treated as raw strings for replacement.
  - Capability inventory: the skill uses insertAdjacentHTML and innerHTML across multiple controllers to dynamically update UI components based on processed data.
  - Sanitization: missing. Although the code occasionally uses innerText to read data, it subsequently injects that data into HTML templates via string replacement (e.g., .replace('BODY', ...)), and the result is then parsed as HTML. Crafted media metadata (a file name or marker description containing markup) can therefore alter the rendered UI (UI redressing) or execute script through inline event-handler attributes. Note that <script> elements inserted via innerHTML or insertAdjacentHTML are not executed by browsers, but attributes such as onerror and onload on injected elements are.
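The pattern named in the finding, beside a hardened form, as an added example. This is not code from the audited skill or from Gen Agent Trust Hub; the template string, the function names and the hostile file names are constructed for illustration. It also shows a second defect of string-based .replace that the finding does not spell out: the replacement string is scanned for `$` patterns (`$&`, `$'`, `` $` ``), so an attacker value with no angle brackets can still rewrite the surrounding template.

```javascript
// Added example (not code from the audited skill): the string-replacement pattern
// named in the finding, beside a hardened version. The template and the sample
// file names are constructed for illustration.
const PREVIEW_TEMPLATE = '<li class="preview"><span class="name">BODY</span></li>';

// Vulnerable: the untrusted value is spliced into markup that is later parsed as
// HTML. Two problems: no escaping, and String.prototype.replace interprets `$`
// sequences in a replacement *string* ($&, $', $` ...) as patterns, so even a
// value without angle brackets can duplicate or reshape the template.
function renderPreviewUnsafe(fileName) {
  return PREVIEW_TEMPLATE.replace('BODY', fileName);
}

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that can break out of text or attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened: escape first, and pass a replacer *function* so the escaped value is
// inserted literally (a function's return value is never scanned for `$` patterns).
function renderPreviewSafe(fileName) {
  const escaped = escapeHtml(fileName);
  return PREVIEW_TEMPLATE.replace('BODY', () => escaped);
}

// Cheap structural check, usable in tests or as a guard in a controller: rendering
// a plain text value must not change the number of tag openers versus the template.
function countTagOpeners(html) {
  return (html.match(/</g) || []).length;
}

function introducesMarkup(rendered) {
  return countTagOpeners(rendered) !== countTagOpeners(PREVIEW_TEMPLATE);
}

// Constructed hostile inputs of the kind the finding describes: a file name carrying
// an inline event handler, and one that relies only on the `$'` replacement pattern.
const HOSTILE_FILE_NAMES = ['<img src=x onerror=alert(1)>', "$'"];

// Returns, for each hostile name, whether the unsafe and safe renderers let it
// change the document structure.
function demo() {
  return HOSTILE_FILE_NAMES.map((name) => ({
    name,
    unsafeBreaksOut: introducesMarkup(renderPreviewUnsafe(name)),
    safeBreaksOut: introducesMarkup(renderPreviewSafe(name)),
  }));
}

console.log(demo());
```

Escaping is the minimal fix when the template-string approach is kept. The stronger fix in a Stimulus controller is to stop parsing untrusted values as HTML at all: build the `<li>` from the static template, then assign the file name or marker description with `textContent` on the `.name` span, so the value never passes through innerHTML or insertAdjacentHTML.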
Audit Metadata