Skills
skills/remotion-dev/remotion/upload-r2/Gen Agent Trust Hub

upload-r2

Fail

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: Accesses a sensitive configuration file at a hardcoded local path: /Users/jonathanburger/remotion/packages/remotion-media/.env. This file is explicitly identified as containing AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY credentials.
  • [COMMAND_EXECUTION]: Utilizes the bun runtime to execute an inline JavaScript script via the -e flag, which performs file operations and S3 uploads using credentials loaded from the local environment file.
  • [COMMAND_EXECUTION]: Executes system shell commands including git worktree list and curl -I to manage local repository paths and verify remote asset hosting status.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 22, 2026, 10:23 AM
Security Audit — agent-trust-hub — upload-r2