remotion-to-framevideo
Warn
Audited by Socket on Jun 14, 2026
1 alert found:
AnomalyAnomalyassets/test-corpus/run.sh
LOWAnomalyLOW
assets/test-corpus/run.sh
This file does not itself implement overt malware behavior (no credentials, no exfiltration, no backdoor logic, no obfuscation). However, it is a high-impact execution harness: it runs fixture-local scripts (setup.sh/validate.sh) and performs npm-based dependency installation and rendering via npx/node/local CLI. If fixtures or dependencies are compromised or not strictly pinned/verified, this orchestrator will execute attacker-controlled code during rendering/validation. Treat it as a sensitive pipeline component requiring strong trust controls for fixture contents and dependency provenance.
Confidence: 100%Severity: 60%
Audit Metadata