Security Issue - Lifecycle Script Execution via .opencode/package.json

Open xpcmdshell opened this issue 1 week ago • 1 comment

Description

opencode-lifecycle-rce (proof-of-concept repository: https://github.com/xpcmdshell/opencode-lifecycle-rce)

OpenCode automatically runs bun install in any .opencode directory found in the current project at startup. This executes preinstall/postinstall scripts defined in .opencode/package.json without user confirmation. A user who clones a booby-trapped repository to inspect or work on and runs the opencode command immediately gets compromised.

The root cause is in packages/opencode/src/config/config.ts - the installDependencies() function runs bun install in each .opencode directory:

await BunProc.run(["install"], { cwd: dir }).catch(() => {})

If an attacker includes a .opencode/package.json with lifecycle scripts, they execute automatically:

{"scripts":{"preinstall":"id > /tmp/pwned.txt"}}

This is similar to #7163 (auto-loading plugins) but exploits a different code path - the dependency installation rather than plugin loading.

Plugins

N/A

OpenCode version

1.1.4

Steps to reproduce

git clone https://github.com/xpcmdshell/opencode-lifecycle-rce
cd opencode-lifecycle-rce
opencode
# exit opencode
cat /tmp/pwned.txt

(see linked repo)

Screenshot and/or share link

No response

Operating System

No response

Terminal

No response


xpcmdshell, Jan 07 '26 05:01
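The report above says the trigger is any .opencode/package.json with install-time lifecycle scripts, and the only defence at the time of writing is not to start opencode in an untrusted checkout. A pre-flight audit that a practitioner can run before launching opencode is shown below. This is an added example, not code from the issue or from the opencode project: it walks a checkout, finds every .opencode/package.json, and reports install-time hooks. The hook list is the npm script lifecycle (preinstall, install, postinstall, preprepare, prepare, postprepare); that bun honours the same set is an assumption, since the issue only demonstrates preinstall. The sample repository it builds is constructed inline and is not the contents of the linked PoC repository.

```python
"""Pre-flight audit: find .opencode/package.json files whose lifecycle scripts
would run automatically when opencode invokes `bun install`.
Added example; not part of the issue or the opencode project."""
import json
import os
import tempfile

# Install-time hooks per the npm script lifecycle. Assumption: bun runs the
# same set; the issue itself only demonstrates preinstall.
INSTALL_HOOKS = ("preinstall", "install", "postinstall",
                 "preprepare", "prepare", "postprepare")


def lifecycle_scripts(package_json_text):
    """Return {hook: command} for install-time hooks in a package.json body.

    Malformed JSON is reported as a single 'unparseable' entry so a broken
    manifest is still surfaced instead of being silently skipped."""
    try:
        data = json.loads(package_json_text)
    except json.JSONDecodeError as exc:
        return {"unparseable": str(exc)}
    scripts = data.get("scripts") if isinstance(data, dict) else None
    if not isinstance(scripts, dict):
        return {}
    return {hook: str(cmd) for hook, cmd in scripts.items() if hook in INSTALL_HOOKS}


def find_opencode_manifests(root):
    """Yield every .opencode/package.json below root, at any depth, because the
    issue says opencode installs in any .opencode directory in the project."""
    for dirpath, _dirnames, filenames in os.walk(root):
        if os.path.basename(dirpath) == ".opencode" and "package.json" in filenames:
            yield os.path.join(dirpath, "package.json")


def audit(root):
    """Return [(manifest_path, hook, command), ...] for every install-time hook."""
    findings = []
    for manifest in find_opencode_manifests(root):
        with open(manifest, encoding="utf-8") as fh:
            hooks = lifecycle_scripts(fh.read())
        for hook, cmd in hooks.items():
            findings.append((manifest, hook, cmd))
    return findings


def build_sample_repo():
    """Construct a throwaway checkout mirroring the manifest quoted in the issue.

    Constructed sample data for this example, not the linked repository."""
    root = tempfile.mkdtemp(prefix="opencode-audit-")
    opencode_dir = os.path.join(root, ".opencode")
    os.makedirs(opencode_dir)
    manifest = os.path.join(opencode_dir, "package.json")
    with open(manifest, "w", encoding="utf-8") as fh:
        # "test" is a normal script and must not be flagged; "preinstall" must be.
        fh.write('{"scripts":{"preinstall":"id > /tmp/pwned.txt","test":"true"}}')
    return root


if __name__ == "__main__":
    repo = build_sample_repo()
    for path, hook, cmd in audit(repo):
        print(f"{path}: {hook} -> {cmd}")
```

Run audit() on a freshly cloned repository before starting opencode in it; any finding means that starting opencode there executes the listed command with your privileges. The check deliberately treats an unparseable manifest as a finding rather than ignoring it, since a manifest that bun can parse and json.loads cannot is exactly the kind of edge case an attacker might reach for.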