opencode-rs-sdk

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill functions as a documentation resource for the opencode-sdk library. No patterns of prompt injection, obfuscation, or unauthorized data access were found.
  • [COMMAND_EXECUTION]: The SDK provides modules like ManagedServer and CliRunner for programmatically spawning local processes. These are standard features for its intended use case in managed runtime environments.
  • [DATA_EXFILTRATION]: The skill documents the use of directory-related headers and parameters to provide workspace context to the API. This is consistent with standard API integration and does not involve exfiltration of sensitive information.
  • [PROMPT_INJECTION]: The skill facilitates the processing of streaming data from an external API, which is an inherent feature of event-driven SDKs.
      • Ingestion points: SSE event streams (e.g., Event variants in src/types/event.rs) and API responses.
      • Boundary markers: The documentation does not specify markers to isolate external data from agent instructions.
      • Capability inventory: File system interactions via FilesApi, process management via ManagedServer, and shell access via PtyApi.
      • Sanitization: The reference does not detail specific sanitization routines for incoming event data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 07:13 PM