opencode-cli
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for downloading and installing software from well-known services. It references an installation script from Ollama's official domain in 'references/local-models.md' and various Model Context Protocol (MCP) server packages from trusted organizations like Anthropic and Upstash in 'references/mcp-servers.md'.
- [COMMAND_EXECUTION]: The primary purpose of the skill is to facilitate the execution of the 'opencode' CLI tool. It provides Python code patterns and shell command examples for invoking the CLI as a subprocess to automate LLM tasks ('SKILL.md', 'references/integration-patterns.md').
- [SAFE]: No malicious behaviors, obfuscation techniques, or unauthorized data exfiltration patterns were detected. The skill follows security best practices by recommending environment variables for sensitive credential management and providing guidance on using service accounts for cloud providers.
Audit Metadata