syncfusion-angular-treeview

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly documents binding TreeView data to remote/untrusted sources (e.g., references/data-binding.md shows DataManager with OData/URL/GraphQL endpoints and custom adaptors, and accessibility-advanced.md / data-binding examples show lazy-loading from APIs), so the agent is expected to ingest and act on public third‑party data as part of its workflow (which can influence UI logic and actions like add/remove/disable via node data), exposing it to indirect prompt-injection risks.