
AI Agent Output


A simulated agent streams a PR-review response. The payload mixes legitimate rich HTML (a styled verdict box, a findings table, a real link) with deliberate XSS attempts inside a <details> block (javascript: URLs, onerror/onclick/onsubmit handlers, a vbscript: protocol, a form posting to javascript:). Watch all three panes simultaneously: raw source → rendered HTML → audit log of what got blocked.

Rendered output (SvelteMarkdown render)

Click "Start streaming" to render the simulated agent response.

Sanitization log (wraps defaultSanitize*)

Nothing blocked yet. The log fills in as malicious payloads stream in.

Source (agent stream, raw text in)
// Click "Start streaming" — the agent response will arrive here word by word.

The "agent response" is hard-coded for this demo (see the AGENT_RESPONSE constant in the source). Sanitization wraps defaultSanitizeUrl and defaultSanitizeAttributes with a logger so you can see every blocked URL and stripped attribute as it streams in — in production you would use the defaults directly.
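
The logging-wrapper pattern described above, as an added example that is not the demo's or the library's own code. `sanitizeUrl` and `sanitizeAttributes` are hypothetical stand-ins for `defaultSanitizeUrl` and `defaultSanitizeAttributes` (whose real signatures are not shown on this page), `createAudit` and `runDemo` are names chosen here, and the sample elements are constructed.

```javascript
// Hypothetical stand-ins, NOT the library's defaultSanitizeUrl / defaultSanitizeAttributes.
const SAFE_SCHEMES = new Set(['http', 'https', 'mailto']);
const URL_ATTRS = new Set(['href', 'src', 'action', 'formaction']);

function sanitizeUrl(url) {
  const probe = String(url).replace(/[\u0000-\u0020\u007f]/g, ''); // browsers ignore these
  const scheme = /^([a-z][a-z0-9+.-]*):/i.exec(probe);
  return !scheme || SAFE_SCHEMES.has(scheme[1].toLowerCase()) ? url : ''; // no scheme = relative
}

function sanitizeAttributes(tag, attrs) {
  const kept = Object.create(null);
  for (const [name, value] of Object.entries(attrs)) {
    const key = name.toLowerCase();
    // Drop inline event handlers and URL attributes whose scheme is rejected.
    if (key.startsWith('on') || (URL_ATTRS.has(key) && sanitizeUrl(value) === '')) continue;
    kept[name] = value;
  }
  return kept;
}

// Wrappers return exactly what the sanitizers return and record each rejection.
function createAudit() {
  const log = [];
  const url = (u) => {
    const clean = sanitizeUrl(u);
    if (clean !== u) log.push({ kind: 'url', blocked: u });
    return clean;
  };
  const attributes = (tag, attrs) => {
    const clean = sanitizeAttributes(tag, attrs);
    Object.keys(attrs).filter((name) => !(name in clean))
      .forEach((name) => log.push({ kind: 'attribute', tag, name, blocked: attrs[name] }));
    return clean;
  };
  return { log, url, attributes };
}

// Constructed sample elements modelled on the payload kinds the demo lists.
const SAMPLE = [
  ['a', { href: 'https://example.com/pr/1' }],
  ['a', { href: 'javascript:alert(1)' }],
  ['a', { href: 'vbscript:msgbox(1)' }],
  ['img', { src: 'x.png', onerror: 'alert(1)' }],
  ['form', { action: 'javascript:void(0)', onsubmit: 'return false' }],
];

function runDemo(audit = createAudit()) {
  return { rendered: SAMPLE.map(([t, a]) => [t, audit.attributes(t, a)]), log: audit.log };
}
```

Audit entries hold attacker-controlled strings, so display them as text rather than HTML.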