opencode-permission

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill edits the agent's permission configuration (~/.config/opencode/opencode.jsonc) to auto-approve or deny arbitrary shell commands, thereby changing the machine's security posture and enabling the agent to bypass confirmations for potentially dangerous actions (even though it doesn't require sudo), so it meaningfully risks compromising the machine state.