remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests external, potentially untrusted content as part of its workflow (e.g., rules/calculate-metadata.md shows fetch(props.dataUrl), rules/get-video-duration.md and rules/extract-frames.md use UrlSource/remote URLs, rules/lottie.md fetches a Lottie JSON from lottiefiles, and rules/voiceover.md calls the ElevenLabs API), so third‑party data can directly influence metadata, rendering decisions, and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The transcribe example calls installWhisperCpp and downloadWhisperModel (see https://www.remotion.dev/docs/install-whisper-cpp/transcribe), which at runtime fetch external whisper.cpp binaries/models and run them to perform transcription, so it downloads and executes remote code that the skill depends on.