Higgsfield Generate
Pass
Audited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill
Name: higgsfield-generate
Version: 1.0.0

The skill bundle provides a comprehensive interface to the Higgsfield AI generation service, but it is classified as suspicious because of high-risk execution patterns in SKILL.md. Specifically, the 'Bootstrap' section instructs the AI agent to install the CLI with a `curl | sh` command that fetches a script from the main branch of a remote GitHub repository (https://raw.githubusercontent.com/higgsfield-ai/cli/main/install.sh). Whatever that URL serves at run time is executed without review, version pinning, or an integrity check, so the current contents of the repository, not the reviewed skill bundle, decide what runs. While the functionality (file uploads, network requests, and CLI interaction) appears aligned with the stated purpose of media generation, the reliance on broad Bash permissions and unpinned remote scripts creates a significant attack surface.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A remote script not included in the reviewed skill could change the local environment or install code before the user has reviewed exactly what will run.
The agent is instructed to download and execute a shell installer from the GitHub main branch at runtime, without a pinned version, checksum, or reviewed install spec. Because main is a moving reference, the script reviewed today and the script the agent runs later need not be the same file.
Evidence (SKILL.md): If `higgsfield` is not on `$PATH`, install it: `curl -fsSL https://raw.githubusercontent.com/higgsfield-ai/cli/main/install.sh | sh`
Recommendation: Install the Higgsfield CLI manually from a trusted, pinned source (a tagged release or a specific commit rather than `main`), or require explicit user approval and an integrity check against a digest recorded at review time before the installer is executed.
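The pinned, checksum-verified alternative that the recommendation describes, written out as an added example; this is not code from the skill, the Higgsfield CLI, or ClawScan. It fetches install.sh at a specific commit instead of `main`, compares the file's SHA-256 against a digest recorded when the script was reviewed, and only then hands it to `sh`. The commit SHA and the expected digest are placeholders to be replaced with values from your own review; the only thing taken from the page is the raw.githubusercontent.com URL layout that SKILL.md already uses.

```shell
#!/bin/sh
# Added example, not part of the skill or the Higgsfield CLI: download the
# installer at a pinned commit, verify its SHA-256 against a digest recorded
# at review time, and only then execute it.
set -eu

# Assumptions: both values are placeholders, to be replaced after your own
# review of the script at that commit.
PINNED_COMMIT="${PINNED_COMMIT:-0000000000000000000000000000000000000000}"
EXPECTED_SHA256="${EXPECTED_SHA256:-}"
INSTALL_URL="https://raw.githubusercontent.com/higgsfield-ai/cli/${PINNED_COMMIT}/install.sh"

# sha256_of FILE: print the hex SHA-256 of FILE (sha256sum on Linux, shasum on macOS)
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# verify_checksum FILE EXPECTED: succeed only if FILE's digest equals EXPECTED
verify_checksum() {
  [ "$(sha256_of "$1")" = "$2" ]
}

# fetch_and_verify URL EXPECTED DEST: download URL to DEST over HTTPS only and
# verify it; on mismatch remove DEST so no unreviewed script is left behind
fetch_and_verify() {
  curl -fsSL --proto '=https' --tlsv1.2 -o "$3" "$1"
  if verify_checksum "$3" "$2"; then
    return 0
  fi
  rm -f "$3"
  return 1
}

# run_pinned_install: the guarded replacement for `curl ... | sh`; refuses to
# fetch anything until a reviewed digest has been supplied
run_pinned_install() {
  if [ -z "$EXPECTED_SHA256" ]; then
    echo "EXPECTED_SHA256 is unset: review install.sh and record its digest first" >&2
    return 2
  fi
  tmp=$(mktemp)
  if fetch_and_verify "$INSTALL_URL" "$EXPECTED_SHA256" "$tmp"; then
    sh "$tmp"
    rm -f "$tmp"
  else
    echo "installer digest mismatch or download failure: refusing to run" >&2
    return 1
  fi
}

# Run only when asked explicitly (e.g. `sh install-pinned.sh --run`), so that
# sourcing the file for its functions performs no network access.
if [ "${1:-}" = "--run" ]; then
  run_pinned_install
fi
```

Pinning to a commit rather than a tag matters because tags in a repository can be moved; the digest check then guards against the (rare) case that GitHub serves something other than the reviewed content for that commit, and against a tampered download path.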
The agent may consume Higgsfield credits or incur provider costs without first giving the user a cost estimate.
The skill directs the agent to submit generation jobs without proactively checking or confirming cost, even though the workflow operates through a logged-in provider account.
Evidence (SKILL.md): Don't pre-estimate cost. Just submit unless the user asks.
Recommendation: Ask for a cost estimate before generation if cost matters, and prefer skill behavior that confirms paid or high-cost jobs before submission.
Generated jobs, uploads, listings, and account actions will run under the user's Higgsfield account.
The skill relies on an authenticated Higgsfield session, which is expected for submitting jobs but grants the CLI access to the user's Higgsfield account.
Evidence (SKILL.md): If `higgsfield account status` fails ... ask the user to run `higgsfield auth login`
Recommendation: Log in only to an account you intend this agent to use, and revoke or rotate access if you no longer trust the environment.
Private photos, videos, audio, product images, or avatar assets may be uploaded to Higgsfield if supplied to the skill.
User-selected local images, videos, or audio files are sent to Higgsfield when passed as media inputs; this is purpose-aligned but crosses a provider data boundary.
Evidence (SKILL.md): Each media flag accepts either a local file path or a UUID. The CLI auto-uploads paths before submission
Recommendation: Only provide files and product/avatar assets you are comfortable uploading to Higgsfield, and avoid passing paths from sensitive locations; any local path given to a media flag is uploaded before the job is submitted.
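A path-confinement check a practitioner could place in front of the CLI, as an added example that is not code from the skill or the Higgsfield CLI: media arguments are accepted only if they are asset UUIDs (assumed here to have the standard 8-4-4-4-12 hex form) or regular files whose resolved path lies under an approved upload directory. Symlinks are resolved first, so a link planted inside the approved directory that points at a credential file elsewhere is rejected. It assumes GNU `realpath`; `submit_guarded` and the allowed-directory convention are this example's own, not the CLI's.

```shell
#!/bin/sh
# Added example, not part of the skill or the Higgsfield CLI: gate the values
# handed to media flags so only already-uploaded asset IDs or regular files
# under an approved directory reach the CLI (which auto-uploads any path).
set -eu

# canonical PATH: print the symlink-resolved absolute path, or nothing if it
# does not exist. Assumes GNU realpath (-e requires every component to exist).
canonical() {
  realpath -e -- "$1" 2>/dev/null || true
}

# is_asset_id ARG: accept the 8-4-4-4-12 hex UUID form (assumption: that is the
# shape of a Higgsfield asset UUID; the page only says "a UUID")
is_asset_id() {
  printf '%s\n' "$1" | grep -Eq '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'
}

# allowed_media ARG ALLOWED_DIR: succeed if ARG is an asset UUID, or a regular
# file whose resolved path lies strictly inside the resolved ALLOWED_DIR
allowed_media() {
  if is_asset_id "$1"; then
    return 0
  fi
  allowed=$(canonical "$2")
  real=$(canonical "$1")
  [ -n "$allowed" ] && [ -n "$real" ] && [ -f "$real" ] || return 1
  case "$real" in
    "$allowed"/*) return 0 ;;
    *) return 1 ;;
  esac
}

# submit_guarded ALLOWED_DIR [MEDIA_ARG...]: check every argument before any
# upload happens; print the accepted arguments, or fail on the first rejection.
# Replace the final printf with the real `higgsfield` invocation when wiring in.
submit_guarded() {
  allowed_dir=$1
  shift
  for arg in "$@"; do
    if ! allowed_media "$arg" "$allowed_dir"; then
      echo "refusing to submit: $arg is not an asset ID or a file under $allowed_dir" >&2
      return 1
    fi
  done
  printf '%s\n' "$@"
}
```

Checking all arguments before invoking the CLI is deliberate: because the CLI uploads paths as part of submission, a per-argument check that ran interleaved with uploads could still leak the first file before rejecting the second.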
