Skills
skills/hwatkins/my-skills/liveview-js-interop/Gen Agent Trust Hub

liveview-js-interop

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a technical guide for Phoenix LiveView development and does not contain any malicious patterns or instructions. All provided code snippets follow documented framework conventions.
  • [DATA_EXPOSURE]: Documents legitimate patterns for using localStorage to persist UI state across sessions. This is a standard functional requirement for many web applications and is implemented here via client-side hooks.
  • [DYNAMIC_EXECUTION]: Describes the use of JS.exec for executing Phoenix's declarative JavaScript command DSL from DOM data attributes. This is a native framework feature designed for patch-safe DOM transitions and visibility toggling.
  • [INDIRECT_PROMPT_INJECTION]: Identifies data ingestion surfaces where the agent reads configuration or content from DOM data-* attributes (e.g., dataset.config, dataset.content). These patterns are standard for bridging server-side data to client-side libraries and do not represent an atypical security risk in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 11:58 AM