syncfusion-react-combobox

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation (see references/data-binding.md and references/filtering-and-search.md) explicitly instructs using DataManager/WebApiAdaptor and fetch-based examples against arbitrary remote URLs (e.g., https://api.example.com/sports, /api/search) so the agent is expected to ingest untrusted third-party API/web content as part of its workflow and that data can influence filtering, selection handlers, and subsequent actions.