buffer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly queries Buffer's public API (POST https://api.buffer.com) — e.g., "List Pending/Scheduled Posts" and related GraphQL queries return social-media post "text" and channel data (user-generated content), and the documented workflows and mutations (list, update, delete, create) expect the agent to read that content and act on it, so untrusted third-party content can materially influence actions.