ai-higgsfield-marketplace-cards
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill ingests potentially untrusted data through parameters like
materialUrl,materialFile, andmaterialTextas defined inSKILL.mdandreferences/form-schema.json. - Boundary markers: The instructions do not include specific delimiters or instructions for the agent to treat the ingested data as untrusted, which is a common pattern for indirect injection.
- Capability inventory: The skill utilizes a local Python script (
scripts/run.py) to perform network requests to theai-skills.aiAPI. - Sanitization: No explicit sanitization or validation of the input URLs or text content is documented in the provided files.
- [COMMAND_EXECUTION]: Local Script Execution.
- The skill includes a utility script
scripts/run.pyintended to be run in the local environment to communicate with the AI Skills API. It handles authentication via theAISKILLS_API_KEYenvironment variable and performs standard HTTP POST requests.
Audit Metadata