The Agent Skills Directory

[SAFE]: The skill is a legitimate implementation guide for the Syncfusion Angular Spreadsheet component and does not contain malicious code or instructions.
[EXTERNAL_DOWNLOADS]: The skill references the official @syncfusion/ej2-angular-spreadsheet package and provides examples using official vendor endpoints (document.syncfusion.com). These are recognized as trusted vendor resources and follow standard development practices.
[DATA_EXPOSURE]: No patterns of sensitive data exposure or unauthorized exfiltration were found. Network operations are constrained to spreadsheet data management and point to developer-controlled or vendor-official endpoints.
[INDIRECT_PROMPT_INJECTION]: The skill processes external data formats like XLSX and CSV, creating a potential surface for indirect injection. However, it addresses this through developer guidance and explicit security warnings to validate and sanitize untrusted inputs, particularly for hyperlinks and remote file sources.
Ingestion points: Data binding from remote APIs and local CSV/JSON files (documented in data-binding.md) and opening local or remote Excel files (documented in import-export.md).
Boundary markers: The SKILL.md file includes rules for the agent to preserve data integrity and existing formulas during code generation.
Capability inventory: The component supports programmatic cell updates, hyperlink insertion, chart creation, and file saving operations.
Sanitization: Explicit developer warnings are provided in hyperlink.md and import-export.md regarding the necessity of input validation and the use of trusted domain allowlists.
[COMMAND_EXECUTION]: The skill does not execute arbitrary shell commands or system-level scripts.

syncfusion-angular-spreadsheet-editor