remotion-render
Fail
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation specifies an installation command
curl -fsSL https://cli.inference.sh | shwhich pipes a remote script directly into the shell. This is a high-risk execution pattern as it relies on the integrity of the remote server and the transport layer. - [EXTERNAL_DOWNLOADS]: The skill's installation process downloads binary executables from
dist.inference.shto provide the core functionality. These external files are required for the skill's primary operation. - [COMMAND_EXECUTION]: The skill is configured to use the
Bashtool to runinfshcommands, allowing the agent to execute subcommands via the external CLI tool. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the
codeparameter. 1. Ingestion points: Thecodeparameter in theinfsh app runcommand accepts arbitrary TSX code that could originate from untrusted user input. 2. Boundary markers: The input is encapsulated within a JSON string, providing a structural boundary but no behavioral constraints against instructions embedded in the code. 3. Capability inventory: The skill usesBashto execute theinfshCLI which performs rendering. 4. Sanitization: No explicit validation or sanitization is performed on the input code within the skill definition.
Recommendations
- HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata