remotion-best-practices

Warn

Audited by Snyk on Mar 8, 2026

Risk Level: MEDIUM

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill includes multiple workflow steps that fetch and ingest open web content: rules/calculate-metadata.md shows calculateMetadata calling fetch(props.dataUrl), rules/display-captions.md and rules/import-srt-captions.md fetch remote caption files, and rules/lottie.md fetches Lottie JSON from assets4.lottiefiles.com. These fetched, untrusted resources are parsed and used to set composition props, duration, or rendering behavior, so third-party content can materially influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The transcribe-captions rule calls installWhisperCpp() and downloadWhisperModel() from @remotion/install-whisper-cpp. Per the docs at https://www.remotion.dev/docs/install-whisper-cpp/transcribe, these download whisper.cpp and model files at runtime and then execute them to perform transcription, so remote code and model artifacts are fetched and executed during skill runtime.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 8, 2026, 02:25 AM