higgsfield-websites
Fail
Audited by Snyk on Jul 11, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These URLs include high-risk items: a direct raw GitHub install script piped to sh, internal/metadata endpoints (fnf.internal, 169.254.169.254, localhost) and internal container hooks (http://c, do/__keepalive), plus obscure Cloudflare Workers subdomains — all of which can be used to deliver or enable malicious code or sensitive data exfiltration.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill instructs running a remote install script at runtime via "curl -fsSL https://raw.githubusercontent.com/higgsfield-ai/cli/main/install.sh | sh", which fetches and executes remote code required for the CLI, so this URL is a high-risk runtime external dependency.
Issues (2)
E005
CRITICALSuspicious download URL detected in skill instructions.
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata