Low risk: risk score 20/100
Last scan: 1 day ago
opencode-api
Calls OpenCode Server over its HTTP API for code review and coding tasks
A legitimate code review integration tool that uses subprocess and HTTP for its documented auto-start server feature, with minor documentation gaps around dependency declaration.
Skill name: opencode-api
Analysis time: 39.2s
Engine: pi
Verdict: safe to install
Approve for use. Consider pinning the requests dependency to a specific version to reduce supply chain risk.

Security findings (2)

Severity | Finding | Category | Location
Low | Unpinned requests dependency | Supply chain | SKILL.md:129
  SKILL.md instructs 'pip install requests' without version pinning. This allows any version, including a potentially compromised one, to be installed.
  Evidence: opencode_client.py: pip install requests
  Recommendation: pin to a specific version: pip install requests==2.32.3
Low | Dependency not formally declared | Documentation deception | SKILL.md:129
  opencode_client.py requires the 'requests' library, but SKILL.md mentions this only informally at the bottom. A formal requirements.txt or dependency declaration is absent.
  Evidence: opencode_client.py: pip install requests
  Recommendation: add a requirements.txt file or a formal dependency section in SKILL.md
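Both findings reduce to one mechanical check: does each `pip install` line in SKILL.md name an exact version? The script below is an added illustration for this report, not code from the opencode-api skill or from the scanning engine. It runs that check over a constructed SKILL.md excerpt; the sample text, the function names and the decision to treat `>=` ranges as unpinned are the example's own assumptions.

```python
"""Flag unpinned `pip install` commands in a skill's SKILL.md.

Added illustration for this report; not code from the opencode-api skill or
from the scanner. The SKILL.md excerpt at the bottom is a constructed sample.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# pip flags that consume the following token; that token is then a file,
# URL or path, not a package requirement.
FLAGS_WITH_ARG = {"-r", "--requirement", "-c", "--constraint", "-e", "--editable",
                  "-i", "--index-url", "--extra-index-url", "-f", "--find-links"}

PIP_INSTALL_RE = re.compile(r"\bpip3?\s+install\s+(?P<args>.*)$")
# Distribution name first, then whatever follows it (extras, version specifier).
REQ_RE = re.compile(r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)(?P<rest>.*)$")


@dataclass(frozen=True)
class Requirement:
    line: int        # 1-based line number in SKILL.md
    package: str     # normalised to lower case
    specifier: str   # '' when no version is given at all
    pinned: bool     # True only for an exact '==' version


def parse_requirement(token: str, lineno: int) -> Optional[Requirement]:
    """Turn one pip argument into a Requirement, or None if it is not one."""
    token = token.strip("'\"")
    m = REQ_RE.match(token)
    if not m:
        return None
    rest = re.sub(r"^\[[^\]]*\]", "", m.group("rest"))  # drop extras such as [socks]
    return Requirement(lineno, m.group("name").lower(), rest, rest.startswith("=="))


def scan_skill_md(text: str) -> List[Requirement]:
    """Return every package named on a `pip install` line, pinned or not."""
    found: List[Requirement] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = PIP_INSTALL_RE.search(line)
        if not m:
            continue
        skip_next = False
        for token in m.group("args").split():
            if skip_next:
                skip_next = False
                continue
            if token.startswith("-"):
                skip_next = token in FLAGS_WITH_ARG
                continue
            req = parse_requirement(token, lineno)
            if req is not None:
                found.append(req)
    return found


def unpinned_packages(text: str) -> List[str]:
    """Distinct packages that at least one install line leaves unpinned."""
    return sorted({r.package for r in scan_skill_md(text) if not r.pinned})


# Constructed sample; the real SKILL.md is not reproduced here.
SAMPLE_SKILL_MD = """\
# opencode-api (constructed sample, not the skill's real SKILL.md)

Install the only third-party dependency:

    pip install requests

A version range is still not a pin; it admits every future release:

    pip install 'requests>=2.31,<3'

Exact pin plus a hash-checked requirements file:

    pip install requests==2.32.3 --require-hashes -r requirements.txt
"""

if __name__ == "__main__":
    for r in scan_skill_md(SAMPLE_SKILL_MD):
        status = "pinned" if r.pinned else "UNPINNED"
        print(f"SKILL.md:{r.line}  {r.package}{r.specifier or ' (no version)'}  {status}")
    print("unpinned:", unpinned_packages(SAMPLE_SKILL_MD))
```

Run as a script it reports the first two sample lines as unpinned and the third as pinned. The `==` form on the last line is what the recommendation above asks for; combining it with `--require-hashes` and a requirements file additionally ties the install to specific artifacts rather than to a version number alone.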
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ consistent | opencode_client.py:219 — Path(dir_path)/file_path read for file analysis
Network access | READ | WRITE | ✓ consistent | All three scripts POST to local OpenCode Server (http://127.0.0.1:4096) — declar…
Command execution | NONE | WRITE | ✓ consistent | opencode_task.py:90, opencode_client.py:71 — subprocess.Popen used for auto-star…
Environment variables | NONE | NONE | | No os.environ access found
Skill invocation | READ | READ | ✓ consistent | Scripts designed to be imported as Python modules by OpenClaw agents
Clipboard | NONE | NONE | | No clipboard access found
Browser | NONE | NONE | | No browser access found
Database | NONE | NONE | | No database access found
External URLs: 5 findings

Severity | Type | URL | Location
Medium | External URL | https://clawhub.com/opencode-api | SKILL.md:7
Medium | External URL | http://127.0.0.1:4096 | SKILL.md:32
Medium | External URL | http://127.0.0.1:4096/global/health | references/api-reference.md:15
Medium | External URL | http://127.0.0.1:4096/session | references/api-reference.md:33
Medium | External URL | http://127.0.0.1:4096/session/ | references/api-reference.md:49

Four of the five entries are the loopback address 127.0.0.1:4096 that the security highlights below identify as the local OpenCode Server; only https://clawhub.com/opencode-api refers to a host outside the machine.

Directory structure

9 files · 35.1 KB · 1123 lines
Python: 3 files · 758 lines; Markdown: 5 files · 357 lines; JSON: 1 file · 8 lines
├─ references/
│  ├─ api-reference.md    Markdown · 80 lines · 1.9 KB
│  ├─ case-studies.md     Markdown · 77 lines · 2.0 KB
│  ├─ models.md           Markdown · 45 lines · 1.1 KB
│  └─ server-setup.md     Markdown · 18 lines · 303 B
├─ scripts/
│  ├─ opencode_client.py  Python · 344 lines · 12.2 KB
│  ├─ opencode_review.py  Python · 170 lines · 5.5 KB
│  └─ opencode_task.py    Python · 244 lines · 8.1 KB
├─ _meta.json             JSON · 8 lines · 272 B
└─ SKILL.md               Markdown · 137 lines · 3.7 KB

Dependency analysis (1)

Package | Version | Source | Known vulnerabilities | Notes
requests | * | pip | none listed | Version not pinned; could install any version

Security highlights

✓ No credential harvesting — no access to ~/.ssh, ~/.aws, .env, or environment variable enumeration
✓ No network exfiltration — all HTTP traffic is confined to localhost (127.0.0.1:4096)
✓ No obfuscation — all code is plain text, no base64, eval(), or hidden payloads
✓ No sensitive file access — only reads files within user-specified repo directories for analysis
✓ Auto-start subprocess feature is documented in SKILL.md under '⚡ 自動啟動 Server' (Auto-start Server)
✓ Uses the standard library urllib where possible (opencode_task.py), reducing the dependency surface
✓ No persistence mechanisms — no cron, startup hooks, or backdoor installation
✓ GitHub CLI calls are confined to local diff retrieval for the review feature