Skills
skills/syncfusion/aspnetcore-ui-components-skills/syncfusion-aspnetcore-blockeditor/Gen Agent Trust Hub

syncfusion-aspnetcore-blockeditor

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches library resources from the vendor's official CDN (cdn.syncfusion.com) and installs official NuGet packages (Syncfusion.EJ2.AspNet.Core). These resources are documented as verified vendor-owned infrastructure.
  • [SAFE]: The skill documents tools for processing user-supplied content and implements robust security controls to mitigate risks.
  • Indirect Prompt Injection Surface: The skill processes untrusted user-pasted content and parsed HTML strings.
  • Ingestion points: User-pasted content and HTML input processed via parseHtmlToBlocks in references/advanced-features.md and references/built-in-blocks.md.
  • Boundary markers: Configurable deniedTags and allowedStyles within PasteCleanupSettings to filter incoming content.
  • Capability inventory: Data export (HTML/JSON), structured block manipulation, and image embedding.
  • Sanitization: Employs enableHtmlSanitizer (enabled by default) and enableHtmlEncode to automatically remove scripts, iframes, and dangerous attributes.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 09:53 AM