remotion
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform project setup and video rendering tasks, including npm install, npm create video, and npx remotion render. These are expected operations for a programmatic video generation tool.
- [EXTERNAL_DOWNLOADS]: The skill downloads visual assets (screenshots) and design metadata from Stitch projects. These downloads typically target storage.googleapis.com, which is a well-known service. It also retrieves Node.js dependencies from the npm registry.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface, because it processes screen titles and descriptions returned by the Stitch API to generate video overlays.
  - Ingestion points: The skill fetches screen data using stitch:get_screen, as described in SKILL.md.
  - Boundary markers: The provided templates contain no boundary markers and no instructions to ignore embedded commands.
  - Capability inventory: The skill has access to the Bash, Read, Write, and web_fetch tools, which could be leveraged if malicious instructions were successfully injected into the design metadata.
  - Sanitization: There is no evidence that the retrieved metadata is sanitized or filtered before it is interpolated into the Remotion components.