Skills
skills/mmcmedia/openclaw-agents/remotion-video-toolkit/Gen Agent Trust Hub

remotion-video-toolkit

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill relies on npx remotion and the @remotion/renderer Node.js API to perform video rendering and project bundling. While functional for the tool's purpose, this involves the execution of shell commands and code bundling processes.
  • PROMPT_INJECTION (MEDIUM): Evidence of a Category 8 (Indirect Prompt Injection) surface found in rules/tailwind.md. The instruction explicitly directs the agent to 'fetch https://www.remotion.dev/docs/tailwind using WebFetch for instructions.' This pattern of fetching external URLs for instructions can be exploited if the remote content is compromised.
  • PROMPT_INJECTION (MEDIUM): The skill exhibits an Indirect Prompt Injection surface (Category 8) across several files (rules/compositions.md, rules/lottie.md, rules/import-srt-captions.md).
  • Ingestion points: calculateMetadata fetches from props.dataUrl, and components fetch Lottie JSON and SRT files from remote URLs.
  • Boundary markers: No explicit delimiters or 'ignore embedded instructions' warnings are provided for the fetched content.
  • Capability inventory: The agent can execute commands and write files through the rendering pipeline.
  • Sanitization: No evidence of sanitization or validation of external data before it is processed in the rendering lifecycle.
  • EXTERNAL_DOWNLOADS (LOW): The skill utilizes multiple third-party packages, including a non-standard dependency mediabunny for media metadata extraction (rules/can-decode.md, rules/extract-frames.md). While common in development, these represent unverifiable external dependencies.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 09:04 PM