Oh My OpenCode
Result: Pass. Audited by ClawScan on May 10, 2026.
Overview
This is a coherent OpenCode orchestration guide with no artifact-backed malicious behavior, but it relies on remote installers and enables broad autonomous/background agent workflows.
Install only if you trust OpenCode and oh-my-opencode. Use a separate git branch or worktree, review generated plans and diffs, keep OpenCode permissions conservative, monitor provider usage, and stop background/continuation workflows when you are done.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing can execute upstream package code and modify the user's OpenCode configuration.
The documented setup runs external installers/packages without a pinned version. This is expected for installing OpenCode/oh-my-opencode, but it shifts trust to those upstream sources.
Evidence: `bunx oh-my-opencode install`; `curl -fsSL https://opencode.ai/install | bash`
Recommendation: Install only from trusted upstream sources, verify the GitHub/npm package, and consider pinning versions or testing in a separate environment first.
A user-triggered workflow may make broad code changes and run diagnostics/tests in the selected project.
The skill intentionally enables autonomous coding, testing, and likely command execution. That is the advertised purpose, but it is high-impact and should be controlled with permissions and review.
Evidence: "The agent will automatically: 1. Explore your codebase ... 3. Implement the feature ... 4. Verify with diagnostics and tests ... 5. Keep working until 100% complete"
Recommendation: Use a clean git worktree, review diffs, keep backups, and configure OpenCode permissions to ask before sensitive edits, shell commands, external directory access, or web requests.
Agent activity may consume paid provider quota or use account-level permissions already configured in OpenCode.
The plugin depends on provider authentication through OpenCode. This is expected for model routing, but it uses the user's logged-in provider accounts.
Evidence: "At least one LLM provider authenticated (`opencode auth login`)"
Recommendation: Use only providers/accounts you intend to grant to OpenCode, monitor usage and billing, and avoid sharing provider credentials with untrusted projects.
If stored plans are wrong or tampered with, the agent may resume from misleading instructions.
Stored plan files can be reused to drive later agent work. This is disclosed and purpose-aligned, but stale or modified plan content could influence future actions.
Evidence: "For Prometheus plans: Plans are stored in `.sisyphus/plans/*.md`. Run `/start-work` to resume execution."
Recommendation: Review `.sisyphus/plans/*.md` before resuming work and protect project files from untrusted edits.
Background agents may continue consuming time, model quota, and making project changes during an active workflow.
Background execution and continuation are explicit features. They are not hidden, but they can keep work going longer than a user expects if not monitored.
Evidence: "delegate_task(run_in_background=true) ... The `todo-continuation-enforcer` hook forces the agent to continue from where it left off"
Recommendation: Monitor background tasks, keep concurrency/stale-timeout settings conservative, and use `/stop-continuation` or cancel the session when you want agent activity to stop.
