Opencode Acp Control

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenCode control skill, but it gives an agent broad local OpenCode control and includes update instructions that can stop running work without clear confirmation.

Install only if you intentionally want an agent to drive OpenCode in local projects. Before use, verify the opencode installation yourself, restrict work to intended directories, avoid sharing secrets, and require explicit confirmation before file changes, terminal actions, updates, process killing, or resuming old sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 86%
Finding
The update workflow instructs the agent to enumerate and kill running OpenCode processes, which can abruptly terminate active user work and in-flight sessions without confirmation. In an agent context, this creates an unsafe operational action that can cause denial of service or interruption of ongoing tasks across projects.

VirusTotal

65/65 vendors flagged this skill as clean.
