remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install numerous official Remotion packages (e.g., @remotion/three, @remotion/media, @remotion/captions, @remotion/google-fonts, @remotion/lottie, @remotion/transitions) and other well-known libraries like Mapbox and Zod. These are standard dependencies for the described functionality.
- [COMMAND_EXECUTION]: The documentation includes various shell commands for adding Remotion packages and rendering videos using the Remotion CLI. These commands are legitimate and necessary for the intended workflow.
- [REMOTE_CODE_EXECUTION]: In 'rules/transcribe-captions.md', the skill demonstrates the use of the @remotion/install-whisper-cpp package, which downloads and installs the Whisper.cpp binary and models for audio transcription. This is an expected behavior for the transcription feature.
- [DATA_EXPOSURE]: Several rules (e.g., rules/calculate-metadata.md, rules/lottie.md) provide examples of fetching JSON data or assets from remote URLs. These are standard patterns for dynamic video content in Remotion.
Audit Metadata