Media
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands including
bun,npx remotion, andmagick(ImageMagick) to perform image composition and video rendering. (Files:Art/Tools/ComposeThumbnail.ts,Remotion/Tools/Render.ts) - [EXTERNAL_DOWNLOADS]: The skill makes network requests to several external service providers including the Discord API (for Midjourney), the remove.bg API, and multiple AI providers (OpenAI, Replicate, Google). (Files:
Art/Tools/Generate.ts,Art/Lib/discord-bot.ts) - [COMMAND_EXECUTION]: The skill is configured to send a local voice notification via
curlimmediately upon invocation to notify the user of background activity. (File:Art/SKILL.md) - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection within the programmatic video generation workflow.
- Ingestion points:
Remotion/Workflows/ContentToAnimation.md(ingests data from YouTube transcripts, Article URLs, PDFs, and Tweets/Threads). - Boundary markers: Absent; untrusted data is interpolated into the workflow context.
- Capability inventory: Command execution (
npx remotion), file writing (/tmp/remotion-*), and network operations. - Sanitization: Absent; the workflow analyzes content structure and timing but does not sanitize the text for potentially malicious instructions. (File:
Remotion/Workflows/ContentToAnimation.md)
Audit Metadata