The Best AI Agent Harness - Batteries-Included OpenCode Plugin with Multi-Model Orchestration, Parallel Background Agents, and Crafted LSP/AST Tools
74%
Total Score
100
58
85
40
100
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2026-10207 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. oh-my-opencode is vulnerable to Improper Authorization in versions 2.14.1 - 3.3.2. | 2.14.1 - 3.3.2 | High |
| Dependency | Last Release | Score |
|---|---|---|
zod Version ^4.4.3 | — | — |
diff Version ^9.0.0 | — | — |
js-yaml Version ^4.1.1 | — | — |
commander Version ^14.0.3 | — | — |
picomatch Version ^4.0.4 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant