syncfusion-angular-rich-text-editor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's AI Assistant docs (references/ai-assistant.md) explicitly show the editor calling external AI endpoints (e.g., YOUR_AI_SERVICE_URL and api.openai.com) and then inserting/streaming those responses into the editor via addAIPromptResponse (and related handlers), which clearly ingests untrusted third‑party content that the agent reads/uses as part of its workflow and can change subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's AI Assistant examples perform runtime fetches to external AI endpoints (e.g., https://api.openai.com/v1/chat/completions and placeholder YOUR_AI_SERVICE_URL) and directly insert the returned text into the editor via addAIPromptResponse, meaning external content fetched at runtime can control prompts/responses.