The Agent Skills Directory

[SAFE]: No malicious logic or behaviors were identified. The skill consists entirely of technical documentation and implementation examples for a well-known UI library.- [CREDENTIALS_UNSAFE]: The documentation in references/data-binding.md includes a hardcoded Google API key (AIzaSyBgbX_tgmVanBP4yafDPPXxWr70sjbKAXM). This is a recognized sample key used for demonstration in the official documentation of well-known services and does not provide access to private data.- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing legitimate peer dependencies and referencing CSS styles from official Syncfusion and npm registries. These sources are considered safe as they belong to well-known technology organizations.- [PROMPT_INJECTION]: The skill was evaluated for indirect injection surfaces (Category 8) due to its data-binding and template rendering capabilities. Ingestion points: Data enters the scheduler via the DataManager component and remote API integrations described in references/data-binding.md. Boundary markers: None provided in the simplified code snippets. Capability inventory: The component supports full CRUD (Create, Read, Update, Delete) operations on appointment data. Sanitization: While some patterns use React's dangerouslySetInnerHTML for customization in references/customization.md and references/header-and-layout.md, the examples utilize internal state or Date objects as inputs, which is consistent with standard UI development practices. Most rendering patterns use React's default escaping to prevent injection.

syncfusion-react-scheduler