remotion-best-practices-2
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install official
@remotionscope packages (e.g.,@remotion/three,@remotion/media,@remotion/captions,@remotion/lottie) and themediabunnylibrary via standard package managers using theremotion addcommand. - [DATA_EXFILTRATION]: Contains patterns for fetching external data using the
fetch()API for retrieving Lottie animation JSON files, SRT subtitles, and dynamic composition metadata. These operations target well-known or example domains such aslottiefiles.comandremotion.dev. - [COMMAND_EXECUTION]: Demonstrates the use of shell commands (
npx,yarn,pnpm) for package management and project integration tasks. - [PROMPT_INJECTION]: Includes an instruction for the agent to use
WebFetchto retrieve official Tailwind CSS documentation fromremotion.dev, which serves as an indirect ingestion point for external content. - Ingestion points: Documentation retrieval in
rules/tailwind.mdand dynamic metadata fetching inrules/calculate-metadata.md. - Boundary markers: None specified in the provided code snippets.
- Capability inventory: Package installation via
remotion addand network requests viafetch. - Sanitization: Not demonstrated in the simplified best-practice examples.
Audit Metadata