syncfusion-blazor-context-menu
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [UNVERIFIABLE_DEPENDENCIES]: Fetches official Syncfusion Blazor components via NuGet (Syncfusion.Blazor.Navigations, Syncfusion.Blazor.Themes). These resources originate from the vendor's known infrastructure and are standard for the described functionality.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data to populate menu items, creating a potential surface for indirect prompt injection. \n
- Ingestion points: The Items collection used for data binding, as described in references/data-binding.md. \n
- Boundary markers: No specific delimiters or instructions are defined to isolate data content from potential instructions. \n
- Capability inventory: The skill provides UI component code and documentation; it does not perform sensitive operations like file writes, subprocess calls, or network operations. \n
- Sanitization: Relies on standard Blazor rendering for character escaping; no explicit validation logic for prompt-based instructions is provided.
Audit Metadata