buffer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill calls the public Buffer GraphQL API (scripts/buffer.sh and SKILL.md) to fetch user-generated social content (e.g., post.text, idea.content.text via list-posts/get-post/create-idea), so it ingests untrusted third-party content that the agent is expected to read and that could influence subsequent actions.