Higgsfield Generate
Security checks across malware telemetry and agentic risk
Overview
This skill matches its Higgsfield image and video generation purpose, but it asks the agent to run an unpinned remote installer and can submit credit-consuming jobs in a logged-in account without a default cost check.
Review before installing. Prefer installing the Higgsfield CLI yourself from a trusted, versioned source, use an account you are comfortable delegating generation actions to, ask explicitly for cost estimates or confirmations when credits matter, and only provide media, product URLs, or avatar images you are comfortable uploading to Higgsfield.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
56/56 vendors flagged this skill as clean.