remotion-editor
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill references an unverified external library mediabunny in rules/asset-lifecycle.md and rules/captioning-workflow.md. This package is recommended for audio extraction and metadata calculation, but its source and safety cannot be verified from the provided context.
- [DATA_EXFILTRATION] (MEDIUM): The captioning-workflow.md describes a pipeline that extracts audio and uploads it to external cloud storage (S3). This creates a data egress path. If an agent implementing these rules processes untrusted remote video URLs, it could be leveraged to exfiltrate audio data to attacker-controlled storage.
- [PROMPT_INJECTION] (MEDIUM): The skill handles untrusted external data (remote video assets) and provides patterns for network operations (S3 uploads, fetching assets), creating a surface for indirect prompt injection.
  1. Ingestion points: Remote URLs processed in rules/asset-lifecycle.md and audio extraction in rules/captioning-workflow.md.
  2. Boundary markers: Absent; the code snippets do not include delimiters or instructions to ignore embedded commands in external content.
  3. Capability inventory: fetch() for data retrieval and uploads in rules/asset-lifecycle.md and rules/captioning-workflow.md.
  4. Sanitization: Absent; no explicit sanitization or validation logic is provided for external URLs or transcription outputs.