syncfusion-react-query-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs binding to remote, public APIs using DataManager (see references/data-binding.md and the SKILL.md "Bind Data" / "Next Steps" sections, e.g., examples using https://services.odata.org/... and https://api.example.com/), so the component/agent ingests untrusted third-party data that can change inferred columns, rules, and generated queries and thus materially influence behavior.