opencode-improved
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches configuration files and documentation from external web resources and GitHub repositories to facilitate its analysis workflow.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external, untrusted content. A malicious external resource could contain instructions designed to manipulate the agent's behavior during the extraction or recommendation phases.
  - Ingestion points: External URLs and repository content provided via the /improve command arguments.
  - Boundary markers: Absent; there are no explicit delimiters or instructions provided to the agent to treat external content as data rather than instructions.
  - Capability inventory: The skill accesses local project configuration files (opencode.json) and performs network-based content retrieval.
  - Sanitization: Absent; the skill does not include steps to sanitize or validate the content fetched from external sources before processing.
Audit Metadata