remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation resource for Remotion development and does not contain any malicious code or instructions.
- [COMMAND_EXECUTION]: Instructions provided for package management (e.g., npx remotion add) and CLI tools (e.g., remotion ffmpeg) are standard practices within the Remotion ecosystem and occur in a local development context.
- [EXTERNAL_DOWNLOADS]: The skill references official Remotion assets, documentation, and trusted services such as Google Fonts, Mapbox, and ElevenLabs. These downloads are legitimate requirements for the described functionality.
- [CREDENTIALS_UNSAFE]: The skill demonstrates safe security practices by instructing users to manage sensitive API keys for Mapbox and ElevenLabs using environment variables and .env files rather than hardcoding them.
- [DATA_EXFILTRATION]: Network operations (using fetch) are directed toward well-known service APIs (ElevenLabs, Mapbox) or project-specific data sources, with no evidence of sensitive data being sent to unauthorized external domains.
Audit Metadata