A webkit blogpost from 2018 claims SPIR-V may not be possible to fully secure in a web context. I'm uncertain of the progress or if the original claim was legitimate, but I believe the current experimental implementations of WebGPU do not protect against raw gpu memory access.