syncfusion-javascript-tab

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and referenced docs (e.g., references/data-binding.md and references/api-properties-reference.md) include explicit runtime examples that fetch/POST external data from public endpoints (e.g., services.odata.org, api.example.com, CDNs like cdnjs.cloudflare.com) and show inserting that returned HTML into tab content (including an example where enableHtmlSanitizer can be disabled), so untrusted third-party content would be ingested and could change UI/behavior or execute scripts.