syncfusion-javascript-chart

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation (references/data-handling.md and related examples in SKILL.md) explicitly shows loading remote/untrusted sources (e.g., series.dataSource: 'https://api.example.com/data', fetch('/api/chart-data'), and WebSocket 'ws://your-server/data'), so the agent is instructed to ingest and act on arbitrary third‑party content at runtime.