video-production

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as npx remotion preview and npx remotion render. These commands involve the execution of the Remotion CLI tool to process generated video compositions.
  • [REMOTE_CODE_EXECUTION]: The skill follows a pattern of generating React (TSX) source code for video compositions based on user-provided text instructions and prompts. This generated code is then executed in a Node.js/React environment during the preview and rendering stages, creating a vector for executing code derived from untrusted input.
  • [EXTERNAL_DOWNLOADS]: The use of npx inherently involves downloading the remotion package and its associated dependencies from the npm registry if they are not already cached locally.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It processes untrusted user input (prompts for video generation) to produce scene plans and executable code.
      ◦ Ingestion points: User-provided prompts (e.g., in Examples 1 and 2) are used as the primary data source for the skill's operations.
      ◦ Boundary markers: None. There are no instructions to the agent to treat input as data rather than instructions or to ignore embedded commands.
      ◦ Capability inventory: The skill has the capability to write files (src/Video.tsx, src/scenes/*.tsx) and execute shell commands (npx remotion).
      ◦ Sanitization: There is no mention of sanitization or escaping techniques for the interpolated user content.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 14, 2026, 12:14 PM