Back to skill
v1.0.0
Morfeo Remotion Style
BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:21 AM.
Analysis
This is a coherent Remotion style-guide skill with no evidence of credential access, persistence, data theft, or hidden behavior.
GuidanceThis skill appears safe for its stated purpose. Before running the optional setup commands, treat them like normal npm project setup: run them in the intended project folder and pin versions if you need stricter supply-chain control.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Abnormal behavior control
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
npx create-video@latest --template blank npm i @remotion/google-fonts
The setup guidance asks the user to fetch packages from npm, including an @latest template. This is normal for creating a Remotion project, but users should understand it relies on external package provenance.
User impactIf the user follows the setup commands, their environment will download and run standard npm tooling for a Remotion project.
RecommendationUse the commands only in a project directory you trust, and consider pinning package versions if reproducible or tightly controlled builds are required.