remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill frequently suggests installing external packages from the Remotion ecosystem (e.g., @remotion/media, @remotion/captions) and downloading the Whisper.cpp binary for audio transcription. While these are from non-whitelisted sources, they are official tools for the Remotion framework and essential for the skill's intended purpose.
- COMMAND_EXECUTION (LOW): The skill provides numerous shell commands for package management (npx, bunx, yarn) and media processing (FFmpeg). These are standard development patterns for this domain.
- DATA_EXFILTRATION (LOW): The skill includes patterns for making network requests to external APIs such as ElevenLabs for text-to-speech and fetching assets from Lottiefiles. These are legitimate operations for the skill's primary purpose.
- INDIRECT_PROMPT_INJECTION (LOW): The skill contains ingestion points for untrusted data that could lead to indirect injection if the source content is compromised.
  - Ingestion points: calculate-metadata.md (via props.dataUrl), lottie.md (external JSON), and display-captions.md (JSON files).
  - Boundary markers: None are present in the provided code examples to delimit fetched data from system instructions.
  - Capability inventory: The skill allows for file writing (rules/transcribe-captions.md) and package installation/execution.
  - Sanitization: No sanitization or validation of fetched JSON data is shown in the examples before processing.
Audit Metadata