remotion-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOW
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): Multiple rule files recommend installing external packages from the @remotion scope (e.g., @remotion/three, @remotion/media, @remotion/captions). These are standard dependencies for the framework but involve downloading code from external registries.
  • REMOTE_CODE_EXECUTION (LOW): The rules/transcribe-captions.md file provides a script example that uses @remotion/install-whisper-cpp to download and install Whisper.cpp locally. While this is a legitimate utility for audio transcription, it constitutes a remote download and binary setup pattern.
  • COMMAND_EXECUTION (LOW): The skill contains numerous instructions for running shell commands such as npx remotion add. An AI agent following these instructions might execute these commands in its environment to assist the user with project setup.
  • INDIRECT_PROMPT_INJECTION (LOW): Several patterns (e.g., in rules/calculate-metadata.md and rules/lottie.md) involve fetching data from external URLs or processing local JSON files (captions). This creates a vulnerability surface where untrusted data could influence the rendering logic of the video composition.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 15, 2026, 11:30 PM