opencode

Warn

Audited by Snyk on Jun 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). This skill explicitly spawns a full agent with the host's shell and filesystem access and can call registered functions (i.e., run arbitrary commands in a chosen working directory), which enables changing system files or state and thus can compromise the machine.

Issues (1)

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 03:11 PM
Issues
1
Security Audit — snyk — opencode