occ

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The file scripts/bin/opencode-server.js uses child_process.exec to run npm install automatically if the node_modules directory is not present.
  • [COMMAND_EXECUTION]: The file scripts/src/utils/server.js utilizes child_process.spawn to initiate the opencode server process locally on the user's machine.
  • [EXTERNAL_DOWNLOADS]: The skill triggers the download of Node.js packages from the npm registry via the npm install command during its setup phase.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection (Category 8).
    • Ingestion points: User input is captured from CLI arguments in scripts/bin/opencode-server.js (for taskDescription and userInput) and sent to the OpenCode API.
    • Boundary markers: No delimiters or boundary markers are implemented to isolate user content from system instructions.
    • Capability inventory: The skill can execute local commands (npm, opencode) and communicates with a local server that has development capabilities.
    • Sanitization: The skill does not sanitize or validate the text provided by the user before it is processed by the underlying tool.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 03:32 AM