ClawHub

Buffer

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Buffer integration that uses a Maton API key to manage Buffer connections and social posts, with no hidden executable code found.

Install only if you trust Maton as the API proxy for your Buffer account. Keep MATON_API_KEY private, choose the intended Buffer connection explicitly when multiple accounts exist, and require clear confirmation before creating, scheduling, publishing, or deleting any content or connection.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is branded as a Buffer integration, but it also documents generic Maton connection-management operations such as listing, creating, retrieving, and deleting connections. That expands the effective capability surface beyond social-post management into broader account/session management, which could let an agent manipulate authentication context or enumerate linked accounts without the narrow user intent implied by the manifest.

Description-Behavior Mismatch

Low
Confidence
79% confidence
Finding
The schema reference advertises access to organization members, owner email, connected apps, scopes, and other account-relationship metadata that goes beyond the declared task of scheduling and managing Buffer posts. This encourages broader data access and discovery of sensitive organizational information that may not be necessary for routine posting workflows.

Context-Inappropriate Capability

Low
Confidence
81% confidence
Finding
Telling an agent to use GraphQL introspection to discover the full schema invites capability expansion beyond the stated Buffer use case. In an agent setting, this can facilitate unauthorized feature discovery, sensitive field enumeration, or use of undocumented operations that were not intended to be available through the skill.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal