syncfusion-wpf-scheduler
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected in the skill instructions or referenced documentation. The skill focuses on UI implementation for desktop applications.
- [EXTERNAL_DOWNLOADS]: The skill references the official 'Syncfusion.SfScheduler.WPF' NuGet package and provides links to Syncfusion's official documentation at help.syncfusion.com. These are trusted resources originating from the vendor and are documented neutrally.
- [COMMAND_EXECUTION]: Examples include standard Package Manager Console commands (e.g., Install-Package) for library installation, which is expected behavior for developer documentation.
- [PROMPT_INJECTION]: The skill documents properties such as Subject and Notes that ingest external data (referenced in references/appointments.md). While this represents a potential indirect prompt injection surface common to UI components, the skill lacks capabilities for file modification, network exfiltration, or arbitrary code execution, making the risk negligible. No boundary markers or sanitization logic are mentioned, but the component is used for display purposes.
Audit Metadata