syncfusion-react-dropdownlist
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the
@syncfusion/ej2-react-dropdownspackage and provides examples of fetching data from remote endpoints such asservices.odata.organdservices.syncfusion.com, which are well-known and vendor-controlled services. - [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where the component ingests data via the
dataSourceproperty. A specific implementation pattern inreferences/how-to.mdusesdangerouslySetInnerHTMLfor search highlighting, which is a standard UI pattern for this component but identifies a surface where untrusted data could execute script if the data source is not properly sanitized.
Audit Metadata