hwc-navigation-content
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): Documentation examples for markdown previews and faceted search present an ingestion surface for untrusted data.
- Ingestion points:
textarea#editorinreferences/2024-10-08-turbo-frames-markdown-preview.mdand form inputs inreferences/2024-12-10-stimulus-turbo-frames-faceted-search.md. - Boundary markers: None present in the code snippets.
- Capability inventory: Updates Turbo Frame sources and submits forms programmatically.
- Sanitization: Not shown in snippets; expected to be handled server-side.
- [Safe] (SAFE): No evidence of malicious behavior, credential theft, or unauthorized network activity was found.
Audit Metadata