opencode-controller
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill implements a structured workflow with clear role separation between planning and building.
- [COMMAND_EXECUTION]: The skill interacts with the 'opencode' CLI tool and uses internal slash commands (/sessions, /agents, /models) to manage operations. These commands are part of the tool's standard interface and are governed by explicit user confirmation steps defined in the skill instructions.
- [DATA_EXPOSURE_AND_EXFILTRATION]: Authentication processes are handled transparently by relaying login URLs from the tool to the user. No hardcoded credentials, sensitive file access, or unauthorized network operations were identified.
Audit Metadata