buffer
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to `api.buffer.com` using `curl`. Buffer is a well-known and established social media management service, so these external references are considered safe.
- [COMMAND_EXECUTION]: The skill uses `curl`, `cat`, and `jq` to interact with the API. It correctly utilizes quoted HEREDOCs (e.g., `'EOF'`) when writing to temporary files in `/tmp/buffer_payload.json`. This is a critical security measure that prevents the shell from expanding or executing any malicious code that might be contained within user-provided post content during command construction.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user input and external data from social media channels.
  - Ingestion points: Processes user-provided text for social media posts, titles, and idea bodies in `SKILL.md`; also processes responses from the Buffer API containing post content.
  - Boundary markers: Uses quoted HEREDOCs (`'EOF'`) to isolate user data from shell command execution.
  - Capability inventory: Limited to `curl` for API communication, `cat` for temporary file creation, and `jq` for JSON manipulation.
  - Sanitization: Data is handled within structured JSON payloads, and responses are parsed using `jq`, which prevents the raw content from being executed as shell commands, though the agent may still be influenced by instructions within the text content.
Audit Metadata