remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructs the installation of several packages from the @remotion ecosystem and the zod library. While these are unverifiable third-party dependencies as they are not on the trusted organizations list, they are essential for the primary purpose of video development with Remotion.
- EXTERNAL_DOWNLOADS (LOW): Rules like import-srt-captions.md and lottie.md demonstrate fetching external JSON, SRT, and asset files using fetch(). This establishes a surface for processing untrusted data, which is a necessary function for dynamic video content.
- REMOTE_CODE_EXECUTION (LOW): The tailwind.md rule directs the agent to fetch further instructions from the official remotion.dev documentation site. This represents a form of remote instruction following, which is considered low risk given the source is the official site for the framework.
- PROMPT_INJECTION (LOW): The skill ingests external data (subtitles, animation JSON) without explicit sanitization or boundary markers in the code examples. This presents a surface for indirect prompt injection (Category 8). Evidence: 1. Ingestion points in rules/import-srt-captions.md and rules/lottie.md. 2. Boundary markers are absent. 3. Capability inventory includes standard rendering and layout measurement of the data. 4. Sanitization logic is absent.
Audit Metadata