remotion-render

Fail

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation instruction curl -fsSL https://cli.inference.sh | sh pipes a remote script directly into the shell for execution. This source is not on the trusted vendor list and bypasses standard package management security procedures.
  • [EXTERNAL_DOWNLOADS]: The skill downloads binaries and configuration files from dist.inference.sh during the setup and runtime process, which are executed locally.
  • [COMMAND_EXECUTION]: The skill requires permission to execute shell commands via the Bash tool, specifically for the infsh CLI, allowing it to perform arbitrary operations on the underlying system.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of React/TSX code.
      • Ingestion points: The code parameter in the input schema allows users to provide arbitrary TSX code for video rendering.
      • Boundary markers: Absent. There are no delimiters or specific instructions provided to the agent to ignore instructions embedded within the user-provided code.
      • Capability inventory: The skill uses Bash(infsh *) to run the rendering application with the supplied code.
      • Sanitization: Absent. User-provided TSX code is passed directly to the rendering service without verification or sandboxing.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 27, 2026, 02:26 PM