video-production
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
npx remotion previewandnpx remotion renderto process video compositions. These commands initiate local shell processes to execute the generated React/TypeScript code. - [EXTERNAL_DOWNLOADS]: The execution of
npx remotionmay trigger the download of the Remotion package and its dependencies from the official npm registry. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) because it transforms user-provided text instructions into executable code. While the examples do not include sanitization or boundary markers, this is a common characteristic of code-generation skills and does not indicate malicious intent.
Audit Metadata