← Back to Skills Marketplace
berriosb

Opencode Acp Control

by Bastian Nicolas Berrios Alarcon · GitHub ↗ · v0.1.1
cross-platform ⚠ suspicious
678
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install opencode-acp-control-3
Description
Control OpenCode directly via the Agent Client Protocol (ACP). Start sessions, send prompts, resume conversations, and manage OpenCode updates.
Usage Guidance
Before installing or enabling this skill: - Understand what it actually does: it launches your local 'opencode' CLI and speaks JSON-RPC to it, granting the OpenCode process the ability to read and write files in whatever working directory you provide. - Verify you have a trusted 'opencode' binary: the skill does not declare required binaries or provide an install origin. Confirm the CLI is from the official project (check the GitHub repo linked in SKILL.md) and that you trust that binary. - Prefer using the skill only in safe/test directories (not your entire home or production projects), or restrict the cwd you give it. - Ask the author to update the manifest to declare required binaries (e.g., requires.binaries: ["opencode"]) and to provide provenance/installation instructions; also resolve the metadata inconsistencies (ownerId/version). - If you need stricter safety, decline the skill or run it in an isolated environment (container/VM) so the agent and the opencode process cannot access sensitive files. Given the manifest mismatches and the broad filesystem capability, treat this skill with caution until provenance and declared requirements are clarified.
Capability Analysis
Type: OpenClaw Skill Name: opencode-acp-control-3 Version: 0.1.1 The skill is classified as suspicious primarily due to the inclusion of a high-risk `curl -fsSL https://opencode.dev/install | bash` command within the `SKILL.md` documentation. While presented as a 'manual update suggestion' to the user, this command allows for arbitrary code execution from an external source (`opencode.dev`), posing a significant supply chain vulnerability. Additionally, the skill utilizes `process.list()` which grants broad visibility into running processes, a powerful capability that, while used for a stated purpose (killing OpenCode instances for update), could be misused.
Capability Assessment
Purpose & Capability
The SKILL.md clearly aims to control OpenCode via the Agent Client Protocol and will run the 'opencode' CLI (e.g., `opencode acp --cwd ...`). However the registry metadata declares no required binaries or install steps. That mismatch (the skill uses an external binary but doesn't declare it) is incoherent and should be explained by the author.
Instruction Scope
Runtime instructions tell the agent to start background processes, write arbitrary JSON-RPC to the process, and poll/kill it. The initialize payload includes clientCapabilities that enable fs readTextFile and writeTextFile — meaning OpenCode (via ACP) can read and write files in whatever working directory you pass. The SKILL.md allows operating on arbitrary project paths chosen at runtime, which is powerful and potentially sensitive. The instructions do not direct data to third-party endpoints, but they do enable broad filesystem access and arbitrary command execution via the local 'opencode' process.
Install Mechanism
There is no install spec (instruction-only), which reduces risk from remote code downloads. However, because the skill relies on an external 'opencode' binary being present and runnable in the agent environment, the lack of declared required binaries or guidance about obtaining a trusted opencode binary is a provenance gap.
Credentials
The skill lists no environment variables or credentials (which is reasonable), but the initialize message requests filesystem read/write capability. That is effectively broad access to the user's workspace even though the manifest declares no special permissions. Also the package metadata shows minor inconsistencies (ownerId/slug/version differ between registry metadata and _meta.json), which reduces confidence in provenance.
Persistence & Privilege
always:false (normal). The skill starts background processes (opencode runs in background) and tracks a processSessionId; such background processes may persist for the duration of a session, which is expected for a controller skill. Autonomous invocation is allowed by default (not a separate red flag), but combined with the filesystem capability this increases potential impact if you allow the agent to act without supervision.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install opencode-acp-control-3
  3. After installation, invoke the skill by name or use /opencode-acp-control-3
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.1
- Updated SKILL.md metadata: issue reporting URL changed from the old repository to https://github.com/berriosb/Opencode-Acp-Control/issues. - No changes to skill features or functionality; documentation and references only.
v0.1.0
Initial release of opencode-acp-control skill. - Enables direct control of OpenCode via the Agent Client Protocol (ACP). - Provides commands and step-by-step instructions for session management, sending prompts, polling for responses, resuming conversations, and updating OpenCode. - Includes robust error handling and timeout strategies. - Offers clear guidance for listing, resuming, and managing OpenCode sessions and instances.
Metadata
Slug opencode-acp-control-3
Version 0.1.1
License
All-time Installs 1
Active Installs 1
Total Versions 2
Frequently Asked Questions

What is Opencode Acp Control?

Control OpenCode directly via the Agent Client Protocol (ACP). Start sessions, send prompts, resume conversations, and manage OpenCode updates. It is an AI Agent Skill for Claude Code / OpenClaw, with 678 downloads so far.

How do I install Opencode Acp Control?

Run "/install opencode-acp-control-3" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Opencode Acp Control free?

Yes, Opencode Acp Control is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Opencode Acp Control support?

Opencode Acp Control is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Opencode Acp Control?

It is built and maintained by Bastian Nicolas Berrios Alarcon (@berriosb); the current version is v0.1.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments