Back to plugin

Security audit

AI Inner Os

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its stated purpose, but one plugin path builds a shell command with an unquoted dynamic persona value, which should be reviewed before installation.

Before installing, review the OpenCode shell-execution path or wait for a fix that uses safe argument handling. If you install anyway, prefer pinned marketplace/release installation, avoid untrusted persona names, and only enable prompt-history/profile features with narrow, explicit approval.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
opencode/plugins/inner-os.js:106
Evidence
return execSync(`node ${JSON.stringify(script)} ${name}`, {