remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary remote content (e.g., calculate-metadata's example fetch(props.dataUrl), the Lottie example fetching a JSON from assets4.lottiefiles.com, and many rules showing // with remote URLs), and that fetched, untrusted third‑party data is parsed and used to set composition props/metadata or drive rendering logic—so external content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The transcribe-captions example uses installWhisperCpp and downloadWhisperModel (see https://www.remotion.dev/docs/install-whisper-cpp), which at runtime download and install Whisper.cpp and model binaries (remote code) that will be executed for transcription, so this is a runtime fetch of external code that is executed.