higgsfield-image-auto

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly automates and navigates a public third-party site (https://higgsfield.ai, e.g., /image/soul-v2), takes snapshots, reads page elements including prompt details, history grid and asset showcase, and makes decisions (click Generate, retry on failures, handle upgrade/login prompts) based on that untrusted user-generated content, so it clearly ingests and acts on external third-party content.