compose
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts and standard binary utilities such as ffmpeg, ffprobe, and agg to process video assets. These operations are within the scope of its stated functionality.
- [EXTERNAL_DOWNLOADS]: The skill utilizes npx to run the Remotion video engine, which potentially involves downloading packages from the public NPM registry.
- [PROMPT_INJECTION]: The skill processes 'Creative (natural language)' guidance from previous capture stages, creating an indirect prompt injection surface.
- Ingestion points: Creative guidance handoff (SKILL.md).
- Boundary markers: None; the guidance is processed as free-text without explicit isolation or instructions to ignore embedded commands.
- Capability inventory: Execution of render-showcase.sh and npx remotion based on processed props.
- Sanitization: None; the agent relies on its own interpretation of the natural language to safely construct the showcase JSON props.
Audit Metadata