remotion

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Uses Bash to manage the video project lifecycle, including project initialization with npm create video, dependency installation, and rendering with npx remotion render.
  • [EXTERNAL_DOWNLOADS]: Downloads design assets such as screenshots and HTML metadata from Google Cloud Storage (storage.googleapis.com), which is a well-known and trusted infrastructure service.
  • [COMMAND_EXECUTION]: Includes a dedicated shell script scripts/download-stitch-asset.sh that uses curl to retrieve assets from remote URLs provided by the Stitch design platform.
  • [PROMPT_INJECTION]: Exposes an indirect prompt injection surface by processing and rendering text-based metadata (screen titles and descriptions) from an external design platform, though this is a functional requirement of the video generation process.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 08:19 AM