remotion-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's examples and required workflow explicitly fetch and ingest external, potentially untrusted URLs (e.g., the calculateMetadata example in SKILL.md that does fetch(https://api.example.com/video/${props.videoId}), the Lottie example in rules/lottie.md that fetches https://assets4.lottiefiles.com/..., and multiple Video/Audio/AnimatedImage examples that accept remote URLs), and those fetched payloads are parsed/used to set metadata, props, or render behavior—so third-party content can materially influence tool decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The transcribe-captions example calls installWhisperCpp and downloadWhisperModel (see https://www.remotion.dev/docs/install-whisper-cpp), which at runtime download and install/execute whisper.cpp binaries and model files — a required dependency that fetches and runs remote code.