motion-graphics

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a workflow in 'Phase 3
  • Gather external context' that fetches data from arbitrary URLs found within a user-supplied script. This retrieved content is used to inform the 'visual brief' and design of the generated clips, creating an attack surface for indirect prompt injection where an external source could influence the agent's output.
  • Ingestion points: Web content fetched via 'WebFetch' from URLs discovered in 'script.md'.
  • Boundary markers: Absent; the fetched content is stored in the 'motion-graphics/refs/' directory and read without explicit delimiters to prevent instruction override.
  • Capability inventory: Subprocess execution (npm, npx, remotion), file system write access (generating TSX files), and network access (Phase 3).
  • Sanitization: None; the skill reads and acts upon the fetched content as raw context for design generation.
  • [EXTERNAL_DOWNLOADS]: The setup process in Phase 2 involves downloading and executing tools and libraries from the npm registry, including 'create-video' and various Remotion animation packages. The skill also installs another AI skill using 'npx skills add remotion-dev/skills'. These are standard dependencies for the declared purpose of video generation from well-known sources.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage the project lifecycle, including 'npm install' for package management, 'npx tsc' for type-checking the generated code, and 'npx remotion render' for producing the final MP4 output files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 09:09 AM
Security Audit — agent-trust-hub — motion-graphics