AGENT LAB: SKILLS

remotion-best-practices

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The file rules/transcribe-captions.md provides code to download the whisper.cpp binary and machine learning models directly into the project directory using installWhisperCpp and downloadWhisperModel.
  • [REMOTE_CODE_EXECUTION] (HIGH): rules/transcribe-captions.md includes the transcribe function which executes the unverified downloaded binary (whisper.cpp) via a Node.js script.
  • [COMMAND_EXECUTION] (MEDIUM): Nearly every rule file (e.g., rules/3d.md, rules/audio.md, rules/lottie.md) encourages the use of npx remotion add or package managers to install various @remotion/* dependencies. While standard for this framework, these commands download and execute third-party code from npm.
  • [DATA_EXFILTRATION] (LOW): Several files (rules/calculate-metadata.md, rules/compositions.md, rules/lottie.md) demonstrate fetching data from remote URLs provided via component props. An attacker controlling these props could potentially cause the agent to send requests to arbitrary external servers.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process external media metadata, subtitle files, and JSON data.
    ◦ Ingestion points: rules/calculate-metadata.md (props.dataUrl), rules/display-captions.md (captions.json), rules/lottie.md (external JSON assets).
    ◦ Boundary markers: Absent. Instructions for handling the fetched data do not include sanitization or boundary delimiters.
    ◦ Capability inventory: Includes file system writes (fs.writeFileSync), network requests (fetch), and binary execution (transcribe).
    ◦ Sanitization: Absent. Fetched JSON data is typically parsed and used directly to drive animation properties or metadata calculation.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 05:38 PM