remotion-best-practices
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the user to install several packages from the @remotion scope and the zod library. Since these packages are not included in the pre-defined Trusted External Sources list, they are considered unverifiable dependencies that require manual vetting of the npm registry before use. \n- [INDIRECT_PROMPT_INJECTION] (LOW): The skill identifies multiple ingestion points for untrusted data, specifically when fetching metadata or component props from remote URLs (e.g., in calculate-metadata.md and lottie.md). \n
- Ingestion points: Data entering the system via fetch() calls to URLs provided in props or documentation links. \n
- Boundary markers: Absent. The code snippets do not show the use of explicit delimiters to separate instructions from data. \n
- Capability inventory: Limited to network asset retrieval and React-based UI rendering; no direct command execution or file system write access is granted to the processed data. \n
- Sanitization: Present. The parameters.md rule strongly advocates for using Zod to define and validate prop schemas, which is an effective mitigation against malformed or malicious data injection. \n- [COMMAND_EXECUTION] (SAFE): Shell commands found in the rule files are restricted to package management (npx remotion add) and are intended to be executed by the developer during project initialization. \n- [DATA_EXFILTRATION] (SAFE): No malicious data exfiltration patterns were detected. Network activities are confined to legitimate asset loading and metadata fetching.
Audit Metadata