oh-my-openagent-orchestration

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the oh-my-opencode package from the npm registry and references documentation from a public repository on GitHub (code-yeongyu/oh-my-openagent).
  • [REMOTE_CODE_EXECUTION]: Installation instructions include running npx oh-my-opencode, which downloads and executes external code from the npm registry at runtime.
  • [COMMAND_EXECUTION]: The framework orchestrates autonomous development tasks using commands like ultrawork and ulw, which have the capability to perform file system modifications (edit_file) and execute tool-based operations.
  • [DATA_EXFILTRATION]: The framework includes anonymous telemetry collection via PostHog to track usage, although users are provided with environment variables to disable this functionality.
  • [PROMPT_INJECTION]: The skill processes complex user tasks to coordinate agent actions, creating an indirect prompt injection surface where untrusted data could influence autonomous capabilities.
    • Ingestion points: User-provided requirements via the ultrawork, ulw, and hyperplan commands.
    • Boundary markers: No boundary markers or instruction-guarding delimiters are specified in the instructions for isolating external tasks.
    • Capability inventory: Includes file modification (edit_file), web searching (exa), code searching (grep.app), and background agent spawning.
    • Sanitization: No sanitization or input validation logic is described for the incoming tasks or processed data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 02:33 PM