remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill encourages patterns where the agent fetches and processes data from external URLs (e.g., in calculate-metadata.md and extract-frames.md). This creates a vulnerability surface for untrusted content to influence agent reasoning via ingested data. Ingestion points: remote URLs in fetch() or UrlSource. Capability: network read and media processing. Sanitization: not specified in rules.
- [External Downloads] (LOW): The skill recommends installing several @remotion/* packages, zod, and mediabunny. These are standard libraries within the Remotion ecosystem and are generally considered safe for their intended purpose.
- [Command Execution] (LOW): The skill provides instructions for installing dependencies using various package managers (npm, bun, yarn, pnpm) based on local lockfiles, which is a standard development practice but involves executing terminal commands.
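The prompt-injection finding notes that the skill's rules specify no sanitization for URLs passed to fetch() or UrlSource. The following is an added example of the kind of guard a project using the skill could put in front of those ingestion points; it is illustrative code, not code from the remotion-best-practices skill or from Remotion. The allowlist hosts, the rejection policy (https only, exact-match host allowlist, no embedded credentials, no loopback or literal-IP hosts) and the quarantine marker scheme are all assumptions for the example.

```typescript
// Added example: a guard for remote sources before a skill hands them to
// fetch() or a Remotion UrlSource-style loader. Illustrative code, not
// from the remotion-best-practices skill or from Remotion itself.
// Assumed policy (not stated in the audited rules): https only, exact-match
// host allowlist, no embedded credentials, no loopback or literal-IP hosts.

// Assumed allowlist; a real project would load this from its own config.
const ALLOWED_HOSTS: ReadonlySet<string> = new Set([
  "cdn.example.com",
  "media.example.org",
]);

type SourceCheck = { ok: true; url: URL } | { ok: false; reason: string };

// Returns the parsed URL when it satisfies the policy, otherwise the reason
// it was rejected. Rejecting early keeps an attacker-supplied URL from ever
// reaching the network layer or a media decoder.
function checkRemoteSource(
  raw: string,
  allowed: ReadonlySet<string> = ALLOWED_HOSTS,
): SourceCheck {
  let url: URL;
  try {
    url = new URL(raw);
  } catch {
    return { ok: false, reason: "unparseable URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: `scheme ${url.protocol} is not allowed` };
  }
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: "credentials embedded in URL" };
  }
  const host = url.hostname.toLowerCase();
  // WHATWG URL keeps the brackets on IPv6 literals, e.g. "[::1]".
  if (host === "localhost" || host.endsWith(".localhost") || host.startsWith("[")) {
    return { ok: false, reason: "loopback or IPv6 literal host" };
  }
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) {
    return { ok: false, reason: "IPv4 literal host" };
  }
  if (!allowed.has(host)) {
    return { ok: false, reason: `host ${host} is not allowlisted` };
  }
  return { ok: true, url };
}

// Treat whatever comes back from the network as data, not instructions:
// strip control characters (except tab/newline), cap the size, and fence the
// text with markers so the agent's prompt can refer to it as untrusted input.
// The marker scheme here is an assumption, not something the skill defines.
function quarantineFetchedText(text: string, maxChars = 4000): string {
  const cleaned = text
    .replace(/[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F]/g, "")
    .slice(0, maxChars);
  return `<<untrusted-remote-data>>\n${cleaned}\n<</untrusted-remote-data>>`;
}
```

Both helpers are pure, so they can be called from a calculateMetadata step before any network I/O happens; a rejected source should be logged with its reason and the render aborted rather than silently skipped.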