remotion-production
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing untrusted data from external sources.
  * Ingestion points: Transcription text from Whisper and video analysis results from TwelveLabs.
  * Boundary markers: Lacks explicit markers to distinguish untrusted external content from system instructions.
  * Capability inventory: The skill can write files, execute shell commands (curl, npx), and generate executable React code.
  * Sanitization: No sanitization of AI-generated text is specified before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The workflow involves downloading media assets from well-known providers.
  * Evidence: Instructions in the production pipeline and stock footage workflow use curl to fetch assets from Pexels and Replicate.
  * Context: These operations target established services and are limited to sourcing media assets for video projects.
- [COMMAND_EXECUTION]: Standard shell utilities are used for project organization and maintenance.
  * Evidence: Use of mkdir for directory creation and grep for auditing static file references in source code.
- [DATA_EXFILTRATION]: Local file access is used to process project assets.
  * Evidence: Use of fs.createReadStream in the captions workflow to read audio files for transcription.
  * Context: This is a legitimate operation within the project scope to facilitate media processing.
Audit Metadata