remotion-video-toolkit
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves its primary purpose as a developer toolkit for the Remotion framework. All code examples follow modern React and Remotion best practices, such as using
useCurrentFrame()for frame-accurate animations. - [EXTERNAL_DOWNLOADS]: The skill references documentation and assets from well-known and trusted domains, including
remotion.devfor official documentation,lottiefiles.comfor animation assets, andgoogle-fontsfor typography. These references are documented neutrally and do not involve suspicious remote code execution. - [COMMAND_EXECUTION]: The skill includes standard CLI commands for Remotion project setup and rendering (e.g.,
npx create-video,npx remotion render). These are necessary for the skill's functionality and do not exhibit malicious patterns like privilege escalation or hidden shell commands. - [DATA_EXPOSURE]: While the skill provides examples for fetching dynamic data via URLs in
calculateMetadata, this is a core feature of Remotion for creating data-driven videos. The patterns shown are standard and do not involve hardcoded credentials or sensitive file access. - [REMOTE_CODE_EXECUTION]: The skill mentions the
bundle()function from@remotion/bundlerand the use of serverless rendering environments (AWS Lambda, Google Cloud Run). These are official Remotion features for compiling and executing project code in a controlled rendering pipeline and are not considered malicious in this context.
Audit Metadata