syncfusion-vue-diagram

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes explicit instructions to bind diagrams to remote/untrusted sources using DataManager (e.g., references/data-binding.md and SKILL.md mention "Remote data via DataManager" and examples with dataSource: new DataManager({ url: "[YOUR URL HERE]" })), so the agent will fetch and interpret arbitrary external JSON to construct/layout nodes/connectors (which can drive rendering and behavior), exposing it to untrusted third-party content that could influence tool decisions.