opencode-ts
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of documentation and code references in Markdown and JSON formats. It does not contain any executable scripts or hidden instructions.
- [COMMAND_EXECUTION]: The skill documentation describes the command execution capabilities of the 'opencode' software (e.g., BashTool, Process utility, git runner) as part of its architectural reference. These are descriptive examples of how the target software works and do not represent malicious command execution by the skill itself.
- [EXTERNAL_DOWNLOADS]: References are made to official repositories and documentation for established technologies including GitHub (sst/opencode), Effect-TS, and Zod. These are well-known, trusted technical resources and are documented neutrally within the context of the skill's technical domain.
- [PROMPT_INJECTION]: No malicious prompt injection patterns were detected. Instructional language like 'IMPORTANT' is used strictly for technical guidance and adhering to the project's coding standards. A section regarding the removal of speculative safeguards in a system prompt (Pattern 5c in refactoring-patterns.md) describes a historical cleanup within the target codebase's development history and is not an attempt to bypass the current agent's safety protocols.
Audit Metadata