abtinf 6 days ago

If the encryption library is loaded over the web, then it provides no added security. You are still trusting them. Web client-side encryption is theater.

miloignis 6 days ago

This is a bit of an aside, but I see this take a lot and I think it's subtly wrong.

Web client-side encryption eliminates fully passive snooping on the server side, but of course does nothing for actively subverting the served encryption code. This makes things a bit more dangerous for the snooping party as it's possible that the backdoored encryption code will be noticed by someone, and it's at least possibly a legal defense - the government might have the power to compel you to hand over data on your server but not to backdoor your code.

This isn't a huge technical difference, but it is a difference, and especially with the legal angle I think it's an important one.

rasengan 6 days ago

Agreed, it requires something more significant, like an auditable (non-obfuscated code) extension or better.