cheatsheetseries.owasp.org
OWASP: Third Party JavaScript Management Cheat Sheet
The invocation of third-party JS code in a web application requires consideration for 3 risks in particular: 1. The loss of control over changes to the client application, 2. The execution of arbitrary code on client systems, 3. The disclosure or leakage of sensitive information to 3rd parties.