syncfusion-angular-dropdowns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md and referenced docs (e.g., references/autocomplete-data-binding.md and the autocomplete examples) include explicit remote-data examples—DataManager with url/crossDomain and HttpClient/async-pipe fetches—showing how to bind components to arbitrary external endpoints, meaning the agent can ingest and act on untrusted third‑party content at runtime (despite the document's warnings and required security review).