skills/mskadu/opencode-agent-skills/permission-manager/Snyk

permission-manager

Warn

Audited by Snyk on Jun 14, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill explicitly instructs the agent to edit the opencode permission config file (~/.config/opencode/opencode.json) and change allow/deny rules (a security-sensitive state change that can enable harmful actions), so even without sudo it can compromise the machine's security posture if misused.

Issues (1)

W013

MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 14, 2026, 08:33 AM

Issues

1

Security Audit — snyk — permission-manager