syncfusion-javascript-data-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and accompanying docs (e.g., SKILL.md "Accepted Security Risk" and references/adaptors-guide.md / references/applying-middleware-logic.md) explicitly show DataManager fetching from arbitrary remote endpoints (url/GraphQL/CustomDataAdaptor examples including third‑party APIs like Stripe/GitHub) and processing those responses via adaptors and middleware (transforming responses, triggering redirects/refresh), so the agent clearly ingests untrusted third‑party content that can influence its actions.