The Agent Skills Directory

[SAFE]: The skill provides legitimate documentation and code samples for the Syncfusion Angular Document Editor. All referenced service URLs (e.g., document.syncfusion.com) and packages (e.g., @syncfusion/ej2-angular-documenteditor) are official vendor resources belonging to Syncfusion.
[EXTERNAL_DOWNLOADS]: The skill references standard Hunspell dictionaries from a well-known public repository on GitHub (github.com/wooorm/dictionaries) for implementing spell-checking. These are static data files used for linguistic processing and do not pose a security risk.
[COMMAND_EXECUTION]: The documentation includes shell commands (e.g., dotnet new, npm install, dotnet build) presented as educational setup instructions for developers. These are intended for user-guided configuration of local environments and backend servers, not for autonomous execution by the agent.
[DATA_EXFILTRATION]: The component utilizes a serviceUrl to communicate with a backend for tasks such as document formatting and spell checking. This is a standard architectural requirement for the Syncfusion Document Editor and is clearly identified as a demonstration service for evaluation purposes.
[PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it generates code for a Document Editor that ingests untrusted document data (SFDT/DOCX). While snippets in references/find-and-replace.md demonstrate loading document content, the capabilities are restricted to UI-based document manipulation within the library's own sanitization boundaries.

syncfusion-angular-docx-editor