remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides code and instructions for executing system commands. Examples include the use of `ffmpeg` and `ffprobe` for video processing in `rules/ffmpeg.md` and `rules/transcribe-captions.md`. Additionally, the transcription rule involves running compiled `whisper.cpp` binaries.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of external software and assets. In `rules/transcribe-captions.md`, it provides logic to install `whisper.cpp` and associated AI models. `rules/sfx.md` directs users to a third-party GitHub repository (github.com/kapishdima/soundcn) for sound effects. Several rules also involve fetching data from external URLs (e.g., Lottie animations and Mapbox styles).
- [CREDENTIALS_UNSAFE]: The skill requires sensitive API keys for external services. `rules/voiceover.md` necessitates an `ELEVENLABS_API_KEY` and instructs the agent to ask the user for it if missing. `rules/maps.md` requires a `REMOTION_MAPBOX_TOKEN` to be stored in a `.env` file.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing untrusted data.
  - Ingestion points: Data is fetched from user-supplied URLs in `rules/calculate-metadata.md`, and JSON caption files are loaded in `rules/display-captions.md`. Audio files are also processed for transcription in `rules/transcribe-captions.md`.
  - Boundary markers: The code snippets do not implement clear delimiters or safety warnings to prevent the agent from following instructions embedded in processed data.
  - Capability inventory: The skill uses network requests (`fetch`), file system writes (`writeFileSync`), and shell command execution (`execSync`).
  - Sanitization: There is no evidence of validation or sanitization for the content retrieved from external URLs or parsed from input files.