bfl-api

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • Data Exposure & Exfiltration (MEDIUM): The skill instructs the agent to read and parse the .env file using shell commands (grep and cut) to retrieve the BFL_API_KEY. Accessing environment configuration files is a sensitive operation that exposes potential credentials to the agent's context. This finding is downgraded from HIGH to MEDIUM because it is necessary for the skill's primary purpose of API integration.
  • Indirect Prompt Injection (LOW): The skill processes data and URLs from an external API response and uses them in commands that write to the local file system.
      • Ingestion points: The polling_url and image sample URLs are extracted from JSON responses from the BFL API in references/code-examples/curl-examples.sh and references/polling-patterns.md.
      • Boundary markers (absent): No delimiters or instructions are provided to the agent to treat the API-returned data as untrusted.
      • Capability inventory: The skill uses curl -o and Python file-writing operations to save content from remote URLs to the local disk.
      • Sanitization (absent): There is no validation or sanitization of hostnames or URL schemes before processing returned links.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 04:52 PM