skills/volcengine/openviking/opencode/Gen Agent Trust Hub

opencode

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The utility function execute_cmd in opencode_utils.py uses subprocess.run with shell=True. In list_sessions.py, this function is used to execute commands where the project path is interpolated directly into the shell string. If the project path returned by the local OpenCode service contains shell metacharacters, it could lead to arbitrary command execution.
  • [EXTERNAL_DOWNLOADS]: The skill relies on the opencode_ai Python package. This is a vendor-provided SDK from volcengine that manages communication with the OpenCode service.
  • [PERSISTENCE_MECHANISMS]: The start_opencode function in opencode_utils.py launches the opencode serve process using os.setsid on Linux/macOS or DETACHED_PROCESS on Windows. This allows the process to completely detach from the parent and continue running in the background after the skill has finished execution.
  • [INDIRECT_PROMPT_INJECTION]: The skill reads and displays message content from OpenCode sessions, which creates a surface for instructions embedded in that content to reach the agent indirectly.
    • Ingestion points: Fetches session messages from the local service at http://127.0.0.1:4096 via the opencode_ai client in list_sessions.py.
    • Boundary markers: Absent. Message text is joined and printed directly without delimiters.
    • Capability inventory: Includes subprocess.run with shell=True in opencode_utils.py.
    • Sanitization: No sanitization or escaping of session message content or project paths is performed before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 12:01 PM