remotion-render
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The Quick Start instructions include the command curl -fsSL https://cli.inference.sh | sh. This pattern downloads a shell script from a remote URL and pipes it straight into a shell, so whatever the server returns at install time runs on the host with the user's privileges and with no opportunity for prior review.
- [COMMAND_EXECUTION]: The skill relies on the infsh CLI tool to perform its operations, which is granted execution permission via the allowed-tools: Bash(infsh *) configuration. The wildcard allows any infsh subcommand with any arguments, not a fixed set of invocations.
- [EXTERNAL_DOWNLOADS]: During installation, the skill fetches binary executables from dist.inference.sh. The documentation states that SHA-256 verification is performed, but that check is carried out by the same remote script that is itself fetched and executed unverified, so it protects only against a corrupted transfer, not against a compromised or substituted installer.
- [PROMPT_INJECTION]: The skill accepts and processes React/TSX code via the code parameter. This input is intended for rendering, but it is an indirect injection surface if the code is derived from untrusted third-party data without sanitization.
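The two download findings above share one remedy: never pipe a fetched installer into a shell, and do not let the installer be the thing that verifies itself. The following is an added example written for this audit; it is not the audit tool's output and not inference.sh's own installer. It fetches the script to a file, compares it against a SHA-256 you pinned after reviewing the script out of band (the pinned hash is an assumption you must supply; the only hash embedded below is for a constructed sample file), and runs it only on a match.

```shell
# Added example, not from the audit page or from inference.sh: the safer alternative to
# `curl -fsSL https://cli.inference.sh | sh`. Download to a file, verify against a hash
# pinned from your own review, and only then execute. Nothing here fetches the network
# unless run_pinned_installer is called explicitly.

sha256_of() {
  # Portable SHA-256 of a file: GNU coreutils on Linux, shasum on macOS/BSD.
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_installer FILE EXPECTED_SHA256
# Returns 0 when the file's digest equals the pinned value, 1 otherwise. Never executes FILE.
verify_installer() {
  file="$1"; expected="$2"
  actual="$(sha256_of "$file")"
  if [ "$actual" = "$expected" ]; then
    return 0
  fi
  printf 'checksum mismatch for %s\n  expected %s\n  actual   %s\n' \
    "$file" "$expected" "$actual" >&2
  return 1
}

# run_pinned_installer URL EXPECTED_SHA256 [WORKDIR]
# Downloads to a file (no pipe into sh), refuses HTTP and old TLS, verifies, then runs.
# EXPECTED_SHA256 is the hash you recorded after reading the script; this is the assumption
# the whole check rests on, so take it from a reviewed copy, not from the same server.
run_pinned_installer() {
  url="$1"; expected="$2"; dir="${3:-$(mktemp -d)}"
  out="$dir/install.sh"
  curl -fsSL --proto '=https' --tlsv1.2 -o "$out" "$url" || return 1
  verify_installer "$out" "$expected" || return 1
  sh "$out"
}

# demo: offline self-check on a constructed file. sha256("hello\n") is a known value,
# so this exercises verify_installer without touching cli.inference.sh.
demo() {
  f="$(mktemp)"
  printf 'hello\n' > "$f"
  verify_installer "$f" 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
  rc=$?
  rm -f "$f"
  return $rc
}

demo && echo "pinned-hash check passed"
```

The point of the split is that the hash lives outside the download path: if cli.inference.sh is compromised or a CDN serves a different script, the mismatch stops execution before any line of the installer runs, which the page's own in-script SHA-256 check cannot do. The same verify_installer step applies to the binaries fetched from dist.inference.sh once you have pinned their digests.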
Recommendations
- HIGH: Downloads and executes remote code from https://cli.inference.sh. DO NOT USE without thorough review of the fetched script and the binaries it installs.
- AI detected serious security threats