higgsfield

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly allows "https:// URL — any public image URL" as a reference input (Reference passing section), meaning the agent will fetch and interpret arbitrary public images from the open web as part of generation workflows, exposing it to untrusted third‑party content that could carry indirect prompt-instruction content.