Skills
skills/syncfusion/angular-ui-components-skills/syncfusion-angular-query-builder/Snyk

syncfusion-angular-query-builder

Warn

Audited by Snyk on Apr 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly documents runtime remote data binding via DataManager with external URLs (references/data-binding.md) and runtime import of SQL/Mongo queries via setRulesFromSql/setMongoQuery (references/import-export.md), which ingest untrusted third‑party content that is parsed and used to build fields/rules and drive subsequent query/export behavior.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 12, 2026, 02:40 PM
Issues
1