remotion
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The script `scripts/download-stitch-asset.sh` utilizes `curl` to download image assets from external URLs. While the documentation specifies Google Cloud Storage, the script itself does not restrict domains.
- COMMAND_EXECUTION (LOW): The skill employs a shell script to perform file system operations (`mkdir`) and network requests (`curl`). There is a theoretical risk of path traversal if an agent is manipulated into passing malicious output paths (e.g., `../../.bashrc`) to the script.
- INDIRECT_PROMPT_INJECTION (LOW): The skill exhibits an attack surface for indirect injection by processing external design project metadata.
  - Ingestion points: Stitch project screens, metadata, and asset URLs used to populate `screens.json` and the download script.
  - Boundary markers: None present in the shell script or JSON manifest.
  - Capability inventory: File writing (`curl -o`) and directory creation (`mkdir -p`).
  - Sanitization: The shell script lacks validation for the `$OUTPUT_PATH` and `$DOWNLOAD_URL` arguments.
Audit Metadata