The Agent Skills Directory

[DATA_EXPOSURE]: The skill provides examples for fetching remote Excel files and saving spreadsheet data to server-side controllers. It appropriately includes security notes advising developers to validate URLs and sanitize inputs, following secure coding practices.
[EXTERNAL_DOWNLOADS]: The generated code references official Syncfusion CDN domains (cdn.syncfusion.com) for CSS and JavaScript assets. These are well-known vendor resources and are safe for use in the intended context.
[DYNAMIC_EXECUTION]: The primary purpose of the skill is to generate cshtml and JavaScript code snippets for integration into ASP.NET Core projects. While this involves creating executable client-side logic (such as custom formula handlers), it is consistent with the skill's stated purpose as a developer tool.
[INDIRECT_PROMPT_INJECTION]: Because the skill facilitates data binding from external APIs and JSON sources into a spreadsheet interface, it technically possesses an ingestion surface for untrusted data. However, the risk is minimal as the skill focuses on UI rendering rather than autonomous decision-making based on that data.

syncfusion-aspnetcore-spreadsheet-editor