remotion
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Executes the
npx remotion rendercommand to process React compositions into video files. This is the primary and intended function of the integrated library. - [EXTERNAL_DOWNLOADS]: References the
remotionpackage from the npm registry. Remotion is a well-known and trusted framework in the web development ecosystem for programmatic video generation. - [PROMPT_INJECTION]: The skill processes user-supplied data (such as CSV or JSON) to dynamically populate video content. While this creates a surface for indirect prompt injection, it is necessary for the skill's core purpose.
- [INDIRECT_PROMPT_INJECTION_EVIDENCE]: Ingestion points: user data provided via the
--propsflag or external JSON files; Boundary markers: none; Capability inventory: execution of the Remotion rendering engine via npx; Sanitization: no explicit sanitization of input data is described in the skill instructions.
Audit Metadata