ogt-cli-opencode
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill installs the 'opencode-cli' package from npm, which is not a trusted source, posing a potential supply chain risk.
- [DATA_EXFILTRATION] (MEDIUM): Local source code is read and transmitted to an external service for analysis and code generation tasks, which could expose sensitive or proprietary logic.
- [COMMAND_EXECUTION] (LOW): The skill executes binary commands and references a local script (run-opencode-task.cjs) to perform tasks, allowing for interaction with the host system.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from local files. 1. Ingestion points: Local source files via analyze, test, and refactor commands. 2. Boundary markers: Absent; no delimiters are used to separate file content from instructions. 3. Capability inventory: Supports command execution and file writing. 4. Sanitization: Absent; file content is passed directly to the external service.
Audit Metadata