remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation provides instructions to install various official Remotion packages and supporting libraries like Mapbox and Zod using standard package managers (npm, yarn, pnpm, bun).
- [EXTERNAL_DOWNLOADS]: The transcription rule file details how to download the whisper.cpp binary and associated language models using the official
@remotion/install-whisper-cpputility. - [COMMAND_EXECUTION]: The skill includes code snippets demonstrating the use of
child_process.execSyncto runffmpegfor audio file processing during transcription. - [DATA_EXFILTRATION]: Multiple rules provide examples of using the
fetchAPI to retrieve dynamic content, such as metadata, captions, and Lottie animation files, from remote sources. - [CREDENTIALS_UNSAFE]: The Mapbox integration guide suggests storing API tokens in a
.envfile, adhering to standard security practices for local configuration.
Audit Metadata