remotion-video-production

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses npx remotion commands to preview and render video content. This involves executing React and TypeScript code generated by the agent within a shell environment.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx, which may download the Remotion package and its dependencies from the npm registry—a well-known technology service—if they are not already installed locally.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
      • Ingestion points: Untrusted user descriptions are ingested to generate video specs, scene plans, and React code.
      • Boundary markers: No specific delimiters or instructions are used to isolate user input from the generated code logic.
      • Capability inventory: The skill possesses Bash execution and Write file access capabilities.
      • Sanitization: User input is not explicitly sanitized or validated before being interpolated into the code templates used for rendering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 09:27 AM