pandastudio
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [SAFE]: The PandaStudio skill provides a legitimate interface for video editing tasks. The instructions for CLI usage and project management are aligned with the software's documentation and intended use cases.
- [COMMAND_EXECUTION]: The skill employs the pandastudio CLI and shell utilities like jq to interact with project files and perform editing operations. These commands are executed locally to drive the editor's functionality.
- [EXTERNAL_DOWNLOADS]: The skill utilizes npx to manage updates for the @writepanda/mcp and hyperframes packages. It also references well-known animation libraries like GSAP from trusted CDNs (unpkg.com and jsdelivr.net) within HTML templates. These external resources are part of the standard video production workflow for this tool.
- [REMOTE_CODE_EXECUTION]: The motion.render-html capability allows for rendering dynamically generated HTML/JS code. In this skill, it is used for its primary purpose of creating custom motion graphics overlays. While this involves dynamic execution, it is a core feature of the integrated software used for creative output.
Audit Metadata