remotion-server

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill automates the download and installation of various dependencies. Specifically, 'scripts/setup.sh' fetches system-level libraries (such as libnss3, libatk, and libgbm) from official operating system repositories to support Chrome Headless Shell. Additionally, 'scripts/create.sh' utilizes 'npm install' to download packages like 'remotion', '@remotion/cli', and 'typescript' from the public npm registry.
  • [COMMAND_EXECUTION]: The skill performs several command-line operations to manage the environment. 'scripts/setup.sh' executes 'sudo apt-get' or 'yum' to install necessary system components. 'scripts/create.sh' automates project scaffolding by creating directories and writing configuration files (e.g., 'remotion.config.ts') to the local filesystem. The skill instructions also guide the agent to execute rendering and thumbnail generation tasks using 'npx remotion'.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through its data ingestion mechanisms:
      • Ingestion points: Untrusted data can enter the agent's context via the 'messages.json' file in the 'chat' template or through the '--props' CLI argument used in render commands.
      • Boundary markers: There are no explicit delimiters or 'ignore embedded instructions' warnings present in the generated project templates.
      • Capability inventory: Across its scripts, the skill has the capability to execute shell commands, install packages, and write files to the system.
      • Sanitization: No sanitization or validation logic is applied to the external content before it is interpolated into the React-based video compositions.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 20, 2026, 12:26 AM