Skills
skills/higgsfield-ai/skills/higgsfield-marketplace-cards/Gen Agent Trust Hub

higgsfield-marketplace-cards

Fail

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches an installation script from the vendor's official GitHub repository (github.com/higgsfield-ai/cli).
  • [REMOTE_CODE_EXECUTION]: Provides instructions to pipe a remote shell script directly into a bash interpreter (curl ... | sh) to install the higgsfield CLI. This is a standard installation procedure provided by the author for their official tooling.
  • [COMMAND_EXECUTION]: Executes the higgsfield CLI tool to perform marketplace image generation tasks based on user requests.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection where user-provided text or file paths are interpolated into shell commands.
  • Ingestion points: User-provided prompt strings and --image file paths (SKILL.md).
  • Boundary markers: Shell commands use double quotes for the prompt argument, which mitigates some but not all shell injection risks.
  • Capability inventory: The skill is granted access to the Bash tool to execute system commands (SKILL.md frontmatter).
  • Sanitization: No explicit sanitization or validation of the user input is described before it is passed to the shell.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/higgsfield-ai/cli/main/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
May 4, 2026, 11:22 PM