opencode

Warn

Audited by Socket on Jun 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is coherent with its stated purpose, but that purpose is inherently powerful. It delegates broad shell/filesystem authority and credentialed model access to an external CLI, plus optional access to other iii workers; acceptable only in a trusted environment with strict approval and install controls.

Confidence: 85%Severity: 68%
Audit Metadata
Analyzed At
Jun 29, 2026, 03:12 PM
Package URL
pkg:socket/skills-sh/iii-hq%2Fworkers%2Fopencode%2F@da1f4351926e3530bc363b08611d369e98ebb5655bd377d00a96d76d0a9d9a80
Security Audit — socket — opencode