syncfusion-dotnet-word

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's HTML conversion references (references/html-conversions.md) include code and instructions to download images from external HTTPS URLs during HTML→DOCX import (ImageNodeVisited event) and the Mode 2 workflow requires reading reference files to build executable CSX scripts, so the agent can fetch and ingest untrusted third‑party web content as part of its runtime workflow.