remotion
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill defines a data ingestion surface for untrusted strings that are later passed to execution scripts. 1. Ingestion points: AppFactoryDemoProps (title, highlights, verifiedUrl) in SKILL.md. 2. Boundary markers: Absent in the provided interpolation examples. 3. Capability inventory: The skill utilizes Bash, Write, and Edit tools to process this data. 4. Sanitization: No sanitization or validation logic for these inputs is described in the instructions.
- [COMMAND_EXECUTION] (LOW): The skill relies on the Bash tool to execute rendering and development scripts (node, npx). While appropriate for video generation, this grants a broad capability that could be exploited if inputs are not sanitized.
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructions include the use of npx and npm to execute tools like remotion and tsc. These are standard development tools, but they represent a dependency on external registries.
Audit Metadata