remotion-best-practices

Warn

Audited by Snyk on May 14, 2026

Risk Level: MEDIUM

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill includes explicit runtime fetches of external URLs that are treated as input to rendering logic: rules/calculate-metadata.md shows fetch(props.dataUrl) to set duration/props, rules/import-srt-captions.md and rules/lottie.md fetch remote caption/Lottie files, and Mediabunny UrlSource examples fetch arbitrary video/audio URLs. Untrusted third-party content can therefore be ingested and materially influence tool decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The transcribe-captions example uses installWhisperCpp() and downloadWhisperModel() from the @remotion/install-whisper-cpp flow (see https://www.remotion.dev/docs/install-whisper-cpp), which at runtime downloads/installs whisper.cpp and model files and then executes transcription, i.e., fetching and running remote code required for the skill.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 14, 2026, 06:15 AM
Issues: 2
Security Audit — snyk — remotion-best-practices