syncfusion-react-pivot-table

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (see SKILL.md navigation to references/data-binding.md and references/connecting-to-data-source.md) explicitly instructs binding remote JSON/CSV/APIs (e.g., urls like https://cdn.syncfusion.com/data/sales-analysis.json, DataManager url examples, and GitHub server-side pivot engine), meaning the component will fetch and interpret untrusted public/third‑party data as part of its operation which can materially change configuration/behavior (data, calculated fields, aggregations, etc.).