syncfusion-vue-chat-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's documentation (see references/bot-integrations.md and examples using DirectLine.activity$, Dialogflow /api/message calls, and attachment saveUrl/file.url) explicitly shows fetching and programmatically ingesting bot messages and user-uploaded attachments from external services and using them to add messages, suggestions, and handle custom payloads—untrusted third‑party content that can influence subsequent UI actions and logic.