bridge-opencode
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions involve executing local shell commands such as curl, which, and opencode to perform connectivity checks and route tasks to AI models.
- [EXTERNAL_DOWNLOADS]: The documentation references installing the opencode-ai tool using standard package managers like npm and brew.
- [DATA_EXFILTRATION]: The skill reads from a local .bridge-settings.json file to determine model routing configurations. This activity is confined to the local filesystem and intended for configuration purposes.
- [PROMPT_INJECTION]: As a model-agnostic bridge, the skill transmits external inputs to multiple models. While this presents an indirect prompt injection surface, it is a core functional requirement of the bridge, and the instructions recommend using the restricted, read-only plan agent to mitigate risk.
Audit Metadata