opencode-configure
Configures OpenCode settings for model selection, permissions, and environment variables, ensuring optimal agent behavior.
Install this skill
or
78/100
Security score
The opencode-configure skill was audited on Mar 19, 2026 and we found 6 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 200
Access to hidden dotfiles in home directory
SourceSKILL.md
| 200 | - **WHY**: global config (`~/.config/opencode/opencode.json`) bleeds into unrelated projects, causing unexpected behavior across your entire environment. |
medium line 81
Access to .env file
SourceSKILL.md
| 81 | | `.env`/shell env | Provider keys and environment-backed configuration | |
medium line 91
Access to .env file
SourceSKILL.md
| 91 | 4. Validate syntax: `jq . opencode.json >/dev/null && rg -n "API_KEY|baseEnv|permission" opencode.json .env*` |
low line 110
Access to .env file
SourceSKILL.md
| 110 | rg -n "API_KEY|baseEnv|permission" opencode.json .env* |
medium line 212
Access to .env file
SourceSKILL.md
| 212 | - **WHY**: OpenCode applies config in layers: shell environment > `.env` loader > project `opencode.json` > global `opencode.json`. Debugging config mismatches without knowing this order leads to wast |
low line 224
External URL reference
SourceSKILL.md
| 224 | - [OpenCode Docs](https://opencode.ai/docs/) |
Scanned on Mar 19, 2026
View Security DashboardInstall this skill with one command
/learn @pantheon-org/configure