remotion-best-practices
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). This skill explicitly fetches and ingests open/public third-party content (e.g., calculate-metadata.md uses fetch(props.dataUrl) to load JSON and set composition props/duration, display-captions.md and import-srt-captions.md fetch and parse remote caption files to drive sequencing/timing, lottie.md fetches Lottie JSON from lottiefiles, and the assets/images/videos rules allow arbitrary remote URLs). That fetched, potentially user-generated content is parsed and used to control rendering behavior and props, so external content can materially influence tool decisions and workflow.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The transcribe example uses @remotion/install-whisper-cpp (see https://www.remotion.dev/docs/install-whisper-cpp/transcribe) and calls installWhisperCpp/downloadWhisperModel at runtime, which fetches and installs external native code and models that are then executed as a required dependency.
Audit Metadata