remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous instructions for the user to execute shell commands using npx, bunx, npm, yarn, and pnpm. These commands are intended to install official Remotion extensions (e.g., @remotion/three, @remotion/captions) and utility libraries like Mapbox and Zod.
- [EXTERNAL_DOWNLOADS]: Several rule files (e.g., lottie.md, voiceover.md, assets.md) include code examples that fetch assets or configuration data from well-known external domains such as LottieFiles, ElevenLabs, and Remotion's official media hosting service.
- [DATA_EXFILTRATION]: The skill documents network operations to interact with external APIs, specifically the ElevenLabs text-to-speech service and generic data APIs via calculateMetadata. These operations are part of the intended functionality for generating dynamic video content.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it is designed to ingest and process untrusted data from external sources (e.g., Lottie JSON animations, SRT subtitle files, and API responses) without implementing explicit sanitization or validation logic in the provided code snippets.
- Ingestion points: Data enters the agent context through
fetchoperations inrules/lottie.md,rules/import-srt-captions.md, andrules/calculate-metadata.md. - Boundary markers: No specific delimiters or instructions to ignore embedded content are provided in the code examples.
- Capability inventory: The skill facilitates local file system writes (for audio transcription) and subprocess execution (for package management and FFmpeg operations).
- Sanitization: No input validation or content filtering is implemented in the provided React component or Node.js script templates.
Audit Metadata