Opencode Guide
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill has a coherent opencode workflow, but it includes broad shell execution and callback routing that could send task results to the wrong OpenClaw/QQ session.
Install only if you understand that this skill delegates code work to opencode, stores task results locally, and sends callback messages to an OpenClaw/QQ session. Before using it, replace the hard-coded session key, verify the callback target, and avoid the bash -c wrapper unless the command is fully trusted.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Task descriptions, status updates, and possibly result summaries could be sent to the wrong chat/session if the agent follows the example literally.
The recommended command includes a concrete QQ/OpenClaw session key instead of a placeholder or runtime-selected current session, while the skill says completion notifications are sent through task-callback.sh.
/home/root1/.openclaw/scripts/opencode-auto-callback.sh \ "agent:main:qqbot:direct:1de7b85a1abc58fb6caebb5b9255a560"
Replace hard-coded session keys with a placeholder and require the agent or user to select the current session at runtime before sending callbacks.
A malformed or malicious task command could execute unintended local commands, not just opencode.
The wrapper executes a caller-supplied command string through bash -c, which can run arbitrary shell commands if unsafe input is passed.
OPENCODE_CMD="$3" ... timeout "$TIMEOUT" bash -c "$OPENCODE_CMD --format json 2>&1" > "$JSON_OUTPUT"
Avoid bash -c for user-controlled command strings; invoke opencode with a fixed executable and validated argument array instead.
Installing or uninstalling the package can change files in the local OpenClaw scripts directory.
The package lifecycle copies helper scripts into the OpenClaw script directory and removes matching files on uninstall; this is related to the skill purpose but not reflected in the install-spec metadata.
"postinstall": "cp -r scripts/* ~/.openclaw/scripts/ 2>/dev/null || true", "preuninstall": "rm -f ~/.openclaw/scripts/opencode-*.sh ~/.openclaw/scripts/README-opencode-callback.md 2>/dev/null || true"
Review the copied scripts before use, and declare these install-time file operations and required opencode/callback dependencies in metadata.
Prompts, code details, error logs, or other sensitive task content may remain on disk after the task completes.
The script stores task arguments, logs, JSON output, and extracted results in persistent local files under ~/.openclaw/task-results/.
RESULT_DIR="$HOME/.openclaw/task-results" ... echo "参数: $@" >> "$LOG_FILE" opencode run --format json "$@" > "$JSON_OUTPUT"
Avoid putting secrets in task prompts and periodically review or clean ~/.openclaw/task-results/ if it may contain sensitive project data.
Using the wrong session key can post task updates or results into the wrong conversation.
The workflow relies on local OpenClaw session identifiers to send callbacks. This is purpose-aligned, but those identifiers determine where agent messages are delivered.
It can be obtained from the sessions.json file: cat ~/.openclaw/agents/main/sessions/sessions.json | jq 'keys'
Treat session keys as sensitive routing identifiers and verify the target session before running callback scripts.
