video-creator
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run various shell commands for environment validation (e.g., node -v, ffmpeg -version), project scaffolding (npx create-video), and video rendering (npx remotion render). It also handles dependency management via npx remotion add commands.
- [EXTERNAL_DOWNLOADS]: Multiple rule files guide the agent to install third-party Node.js packages. Additionally, the skill facilitates downloading binary tools (e.g., whisper.cpp via @remotion/install-whisper-cpp) and fetching remote assets like Google Fonts, Lottie animations, and sound effects.
- [DATA_EXFILTRATION]: A functional requirement involves sending user-provided text to the ElevenLabs API (api.elevenlabs.io) to generate AI voiceovers. While intended, this constitutes a transfer of data to an external third-party service.
- [PROMPT_INJECTION]: The skill operates as a code generation assistant based on natural language prompts, which creates an indirect prompt injection surface where external data (such as SRT files, API responses, or user prompts) directly influences the generated code structure.
- Ingestion points: User video descriptions, SRT subtitle files (import-srt-captions.md), and remote JSON data from APIs (calculate-metadata.md).
- Boundary markers: Not explicitly defined in the provided instructions; the agent is expected to process inputs as part of the creative flow.
- Capability inventory: Subprocess calls for rendering, network operations for assets/TTS, and file system writes for generated code.
- Sanitization: No specific sanitization or validation logic is provided for external text or user input before it is used for code generation.
Audit Metadata