video-generator

Warn

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill programmatically generates and executes shell commands to scaffold project directories, write configuration files (package.json, tsconfig.json), and manage development servers. It executes these operations using npm install and npm run dev in the local workspace.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes npx --yes create-video@latest and npx remotion to download and execute remote packages. It also uses a Python subprocess to decode and process audio data retrieved from the Gemini TTS API, involving a curl | python3 pattern.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It uses Firecrawl to scrape content (names, taglines, descriptions) from external URLs. This untrusted data is then interpolated into the agent's context to generate React source code and video assets without explicit sanitization or boundary markers, which could allow a malicious website to influence the generated code.
  • [EXTERNAL_DOWNLOADS]: The skill downloads assets such as logos and images from arbitrary remote URLs discovered during the scraping process. It also fetches a large number of Node.js dependencies from the NPM registry.
  • [DATA_EXFILTRATION]: The skill automates the setup of a Cloudflare tunnel (trycloudflare.com) to expose the local Remotion Studio server (port 3000) to the public internet. While this is intended for user preview, it creates an external access point to the local environment.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 08:29 PM