← Scan another repo

github.com/anomalyco/opencode

@ cd56c51e2d1f

Submitted 6/27/2026, 12:48:41 AM · Status: failed

Risk grade
·
Findings
0
0 critical17 high223 medium7 low1 info0 on CISA KEV0ATT&CK
Showing 248 of 248 findings

Findings

  • Detected aws-access-token: Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms
    Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms.
    gitleaks
  • Detected gcp-api-key: Uncovered a GCP API key, which could lead to unauthorized access to Google Cloud services and data breaches
    Uncovered a GCP API key, which could lead to unauthorized access to Google Cloud services and data breaches.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • Detected generic-api-key: Detected a Generic API Key, potentially exposing access to various services and sensitive operations
    Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
    gitleaks
  • 'apk add' is missing '--no-cache'
    You should use 'apk add' with '--no-cache' to clean package cached data and reduce image size.
    trivypackages/opencode/Dockerfile:7
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/stats/server/Dockerfile:0
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/containers/publish/Dockerfile:0
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/containers/rust/Dockerfile:0
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/containers/tauri-linux/Dockerfile:0
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/opencode/Dockerfile:0
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/containers/base/Dockerfile:0
  • Image user should not be 'root'
    Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
    trivypackages/containers/bun-node/Dockerfile:0

This report is public.