User-generated content (UGC) that has not been audited may pose risks when visualized on the client-side graphical user interface (GUI). Therefore, it is critical to accurately identify which fields delivered by the server-side will be visualized on the client-side. This paper proposes ViTAL, an end-to-end taint analysis framework that deeply synergizes static analysis with Large Language Models (LLMs) to audit whether server-side fields in Android applications are ultimately visualized. Given an APK and its set of server-side fields, ViTAL maps these fields to their client-side counterparts, applies transfer rules to track data flow, and employs LLM-powered code summarization to identify GUI visualization features. The identified features are then validated through expert review and maintained in an updatable knowledge base. To support rigorous evaluation, we constructed and publicly released a high-quality dataset, VisualFieldBench, by collecting fields from three popular applications: Douyin, Tomato Novel, and Toutiao. To enhance usability, we also provide an executable tool. Our experiments show that ViTAL achieves an average recall of 93% and precision of 79%, uncovering previously overlooked visualization fields. These results underscore ViTAL’s practical value for real-world mobile content security auditing.