Skills
skills/millionco/react-doctor/remotion-best-practices/Gen Agent Trust Hub

remotion-best-practices

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The rules/transcribe-captions.md file contains instructions to download the Whisper.cpp binary and language models to the local project directory. Although this is a functional requirement for the transcription feature, downloading and executing binaries that are not managed through standard package registries (and are from sources outside the system's trusted list) poses a medium risk.
  • [COMMAND_EXECUTION] (MEDIUM): Several rule files (rules/ffmpeg.md, rules/transcribe-captions.md, rules/voiceover.md) provide templates for executing shell commands via bunx, npx, or Node.js execSync to perform operations like video re-encoding and speech-to-text processing.
  • [CREDENTIALS_UNSAFE] (LOW): The rules/voiceover.md rule instructs the agent to request an ELEVENLABS_API_KEY from the user and store it in a .env file. While it uses placeholder text, this pattern creates a surface for the accidental exposure of sensitive API secrets if the environment or configuration files are mishandled.
  • [DATA_EXFILTRATION] (LOW): Network operations using fetch() are present in rules/voiceover.md, rules/compositions.md, and rules/display-captions.md to communicate with external APIs (ElevenLabs) or retrieve remote assets. These are used for the skill's primary purpose but represent a path for data flow to non-whitelisted domains.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process external, potentially untrusted media files and data structures.
  • Ingestion points: Video/audio metadata retrieval in rules/get-video-duration.md and rules/get-video-dimensions.md, and subtitle parsing in rules/display-captions.md.
  • Boundary markers: Absent; the skill does not suggest delimiters or warnings when processing external data.
  • Capability inventory: File system access (fs.writeFileSync), network requests (fetch), and shell execution (execSync).
  • Sanitization: No explicit sanitization or validation of the content of external files (like captions or video metadata) is documented before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 19, 2026, 07:52 AM