syncfusion-react-scheduler

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and required workflows explicitly show remote data binding and lazy-loading via DataManager/WebApiAdaptor with external URLs (see "Pattern 3: Remote Data Binding" and the lazy-loading examples in references/advanced-features.md and SKILL.md), meaning the agent will fetch and interpret untrusted remote event data as part of its operation which can materially influence actions.