remotion-best-practices
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation resource, providing legitimate architectural guidance and code snippets for video development with Remotion.
- [EXTERNAL_DOWNLOADS]: Several rule files (e.g., 3d.md, audio.md, fonts.md) provide instructions to install official @remotion/* scoped packages and the mediabunny library using standard package managers (npm, bun, yarn, pnpm). These resources are well-known and directly related to the skill's primary purpose.
- [COMMAND_EXECUTION]: The skill includes shell commands intended for the user to add dependencies to their project (e.g., 'npx remotion add @remotion/media'). These commands are standard for the Remotion ecosystem and do not involve arbitrary or malicious execution.
- [DATA_EXFILTRATION]: While some examples (e.g., lottie.md, calculate-metadata.md) show 'fetch()' operations to remote URLs, these are used for legitimate purposes such as loading animation assets or retrieving video metadata. The URLs used are either well-known services (LottieFiles) or placeholders (example.com).