remotion-server
Warn
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/setup.shscript utilizes administrative privileges (sudo) to install system-level browser dependencies such aslibnss3,libgbm1, andlibatk1.0-0which are required for Remotion to function on Linux. - [EXTERNAL_DOWNLOADS]: The skill fetches software packages from public registries, including Node.js dependencies (
remotion,@remotion/cli,@remotion/tailwind) vianpmand various system libraries viaapt-getoryum. These are well-known resources from the Remotion project and official OS distribution repositories. - [COMMAND_EXECUTION]: The
scripts/create.shscript programmatically generates project files and executes various shell commands to configure the development environment and project scaffolding. - [PROMPT_INJECTION]: The skill's workflow involves generating video projects based on user-provided descriptions and topics. This creates an indirect prompt injection surface where malicious instructions embedded in user data could be processed or executed by the agent in subsequent steps.
Audit Metadata