Back to skill

Security audit

Buffer Publisher

Security checks across malware telemetry and agentic risk

Overview

This is a clear Buffer publishing guide for specific social channels, with disclosed network and credential use, but it should be used carefully because it can post publicly.

Install only if you intend the agent to publish through the listed Buffer-connected social accounts. Keep the Buffer key restricted, confirm the exact post text, channel, and schedule before any createPost call, and avoid the account/channel lookup unless channel discovery is actually needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.