remotion-to-hyperframes
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override or bypass patterns detected. The instructions maintain clear boundaries and focus on the migration task. The 'escape-hatch' section is a legitimate technical recommendation for non-translatable code using an interop pattern, not an instruction to bypass safety filters.
- [DATA_EXFILTRATION]: No sensitive file access or unauthorized network exfiltration patterns found. Network activity is confined to well-known CDNs (cdnjs, unpkg) and official GitHub PR links for documentation purposes.
- [EXTERNAL_DOWNLOADS]: Downloads are limited to well-known technology services. The skill references GSAP from cdnjs and Lottie-web from cdnjs/unpkg, which are standard practices for web-based animation compositions.
- [COMMAND_EXECUTION]: The skill uses local shell scripts (lint_source.py, render_diff.sh, run.sh) exclusively for its internal testing corpus and validation. These scripts perform deterministic tasks like calculating SSIM scores or running regex-based linting on source files. No arbitrary or unsafe command execution was identified.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private tokens detected. Configuration files (remotion.config.ts) and environment variable references (R2HF_SSIM_THRESHOLD) are used for benign rendering settings.
- [OBFUSCATION]: All scripts and markdown files are in plain text and fully readable. No Base64-encoded strings, zero-width characters, or homoglyphs were found.
- [REMOTE_CODE_EXECUTION]: No patterns of 'curl | bash' or dynamic execution of untrusted remote content detected. Remote references are limited to static library assets from trusted CDNs.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes user-provided Remotion code (untrusted data), it implements a strict 'lint-then-translate' workflow. The use of a regex-based linter (scripts/lint_source.py) to block complex React patterns (useState, useEffect) significantly reduces the surface area for logic-based injections.
- [PRIVILEGE_ESCALATION]: No use of sudo, chmod 777, or other privilege-altering commands found. Scripts operate within standard user permissions.
- [DYNAMIC_EXECUTION]: The skill generates static HTML and GSAP timelines. It does not use eval() or similar constructs to execute code generated from user input at runtime.
Audit Metadata