higgsfield-websites

Fail

Audited by Snyk on Jul 11, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). These URLs include high-risk items: a direct raw GitHub install script piped to sh, internal/metadata endpoints (fnf.internal, 169.254.169.254, localhost) and internal container hooks (http://c, do/__keepalive), plus obscure Cloudflare Workers subdomains — all of which can be used to deliver or enable malicious code or sensitive data exfiltration.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill instructs running a remote install script at runtime via "curl -fsSL https://raw.githubusercontent.com/higgsfield-ai/cli/main/install.sh | sh", which fetches and executes remote code required for the CLI, so this URL is a high-risk runtime external dependency.

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 11, 2026, 04:14 PM
Issues
2
Security Audit — snyk — higgsfield-websites