syncfusion-angular-blockeditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's docs and workflows show the editor ingesting and rendering untrusted external content (e.g., importFromClipboard / importFromHtml and parseHtmlToBlocks in references/data-export-and-import.md, image/avatar src URLs and remote saveUrl in references/advanced-features.md, and preview.innerHTML/getDataAsHtml usage) and explicitly allow disabling HTML encoding (references/configuration-properties.md), so third‑party/user-provided HTML or URLs could be parsed and rendered and thus influence behavior beyond simple display.