remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill provides instructions to install various packages and use templates from sources outside the predefined 'Trusted External Sources' list.
- Evidence: Recommends installing
mediabunnyand several@remotion/*packages (e.g.,@remotion/three,@remotion/media,@remotion/captions,@remotion/lottie,@remotion/renderer). - Evidence: Links to templates hosted under the
remotion-devandreactvideoeditorGitHub organizations, which are not in the trusted whitelist. - Context: These are standard and legitimate dependencies for the Remotion ecosystem. The severity is lowered because recommending these libraries is the primary educational purpose of the skill.
- [COMMAND_EXECUTION] (SAFE): The documentation includes shell command examples for package installation (e.g.,
npx remotion add,npm install). These are intended for the user to execute in their local environment and are not triggered automatically by the skill scripts. - [DATA_EXFILTRATION] (SAFE): Code snippets demonstrate using
fetch()to retrieve remote configuration or assets (e.g.,props.dataUrl, Lottie JSON files). Whilefetchcan be used for exfiltration, these examples reflect standard React/Remotion data-loading patterns. - [INDIRECT_PROMPT_INJECTION] (LOW):
- Ingestion points: The skill guides users on how to ingest untrusted data via external APIs (
calculateMetadata) and subtitle files (.srt). - Boundary markers: Code snippets do not explicitly show boundary markers or 'ignore' instructions for external data.
- Capability inventory: The described capabilities are restricted to media rendering and metadata calculation; no arbitrary system command execution or direct shell access is performed by the skill itself.
- Sanitization: Sanitization is not demonstrated in the provided code snippets.
Audit Metadata