syncfusion-javascript-combobox

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (SKILL.md and references/data-binding.md / references/filtering-and-search.md) explicitly shows runtime use of DataManager and OData/Web API URLs (e.g., https://services.odata.org/V4/Northwind/..., 'https://api.example.com/...') and filtering callbacks that call args.updateData, which means the component fetches and interprets open/public third‑party data at runtime and can change behavior based on that data.