opencode-api Security Report — Low Risk | ClawSafe

20 /100

opencode-api

透過 HTTP API 呼叫 OpenCode Server 進行 code review 與編碼任務

A legitimate code review integration tool that uses subprocess and HTTP for its documented auto-start server feature, with minor documentation gaps around dependency declaration.

Skill Nameopencode-api

Duration39.2s

Enginepi

✓

Safe to install

Approve for use. Consider pinning the requests dependency to a specific version to avoid supply chain risk.

Findings 2 items

Severity	Finding	Location
Low	Unpinned requests dependency Supply Chain SKILL.md instructs 'pip install requests' without version pinning. This allows any version including potentially compromised ones to be installed. `# opencode_client.py：pip install requests` → Pin to a specific version: pip install requests==2.32.3	`SKILL.md:129`
Low	Dependency not formally declared Doc Mismatch opencode_client.py requires the 'requests' library but SKILL.md only mentions this informally at the bottom. A formal requirements.txt or dependency declaration is absent. `opencode_client.py：pip install requests` → Add a requirements.txt file or formal dependency section in SKILL.md	`SKILL.md:129`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	opencode_client.py:219 — Path(dir_path)/file_path read for file analysis
Network	`READ`	`WRITE`	✓ Aligned	All three scripts POST to local OpenCode Server (http://127.0.0.1:4096) — declar…
Shell	`NONE`	`WRITE`	✓ Aligned	opencode_task.py:90, opencode_client.py:71 — subprocess.Popen used for auto-star…
Environment	`NONE`	`NONE`	—	No os.environ access found
Skill Invoke	`READ`	`READ`	✓ Aligned	Scripts designed to be imported as Python modules by OpenClaw agents
Clipboard	`NONE`	`NONE`	—	No clipboard access found
Browser	`NONE`	`NONE`	—	No browser access found
Database	`NONE`	`NONE`	—	No database access found

5 findings

🔗

Medium External URL 外部 URL

https://clawhub.com/opencode-api

SKILL.md:7

🔗

Medium External URL 外部 URL

http://127.0.0.1:4096

SKILL.md:32

🔗

Medium External URL 外部 URL

http://127.0.0.1:4096/global/health

references/api-reference.md:15

🔗

Medium External URL 外部 URL

http://127.0.0.1:4096/session

references/api-reference.md:33

🔗

Medium External URL 外部 URL

http://127.0.0.1:4096/session/

references/api-reference.md:49

File Tree

9 files · 35.1 KB · 1123 lines

Python 3f · 758L Markdown 5f · 357L JSON 1f · 8L

├─ ▾ 📁 references

│ ├─ 📝 api-reference.md Markdown 80L · 1.9 KB

│ ├─ 📝 case-studies.md Markdown 77L · 2.0 KB

│ ├─ 📝 models.md Markdown 45L · 1.1 KB

│ └─ 📝 server-setup.md Markdown 18L · 303 B

├─ ▾ 📁 scripts

│ ├─ 🐍 opencode_client.py Python 344L · 12.2 KB

│ ├─ 🐍 opencode_review.py Python 170L · 5.5 KB

│ └─ 🐍 opencode_task.py Python 244L · 8.1 KB

├─ 📋 _meta.json JSON 8L · 272 B

└─ 📝 SKILL.md Markdown 137L · 3.7 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`requests`	`*`	pip	No	Version not pinned — could install any version

Security Positives

✓ No credential harvesting — no access to ~/.ssh, ~/.aws, .env, or environment variable enumeration

✓ No network exfiltration — all HTTP traffic is confined to localhost (127.0.0.1:4096)

✓ No obfuscation — all code is plain text, no base64, eval(), or hidden payloads

✓ No sensitive file access — only reads files within user-specified repo directories for analysis

✓ Auto-start subprocess feature is documented in SKILL.md under '⚡ 自動啟動 Server'

✓ Uses standard library urllib where possible (opencode_task.py) reducing dependency surface

✓ No persistence mechanisms — no cron, startup hooks, or backdoor installation

✓ GitHub CLI calls are confined to local diff retrieval for the review feature

Scan Report

Findings 2 items

File Tree

Dependencies 1 items

Security Positives