Conversation
Bypass Git LFS during skill repo clones so installs succeed without git-lfs or LFS API access. Hide stdio MCP and tool subprocess windows on Windows. Write OpenCode MCP to project-root opencode.json with enabled and subagent mode fields. Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
… sessions Per the OpenCode docs (https://opencode.ai/docs/mcp-servers/#per-agent), every entry under the top-level `mcp` key is auto-connected to every primary agent (Build, Plan, ...). Without scoping, each `capa-<id>` sub-agent MCP that capa registers leaks into the main session and clutters it with sub-agent-only tool blocks. Add a declarative scope-fence to the provider registry: - `McpIntegration.subAgentScopeFence` writes a top-level `permission: { "capa-*_*": "deny" }` next to the MCP map. The pattern matches sub-agent MCP tool names (`capa-<id>_<tool>`) but intentionally does NOT match the main `capa_*` tools, so primary sessions keep full access to capa's main MCP. - `SubagentsIntegration.perAgentToolScope` re-allows each sub-agent's own tools in its own agent file via `permission: { "capa-<id>_*": allow }` in the markdown frontmatter. Wire OpenCode to use both. Existing user-authored permission entries are preserved on write (idempotent, additive). Other providers are unaffected — they don't declare a fence, and `applySubAgentScopeFence` no-ops when the field is unset. Co-authored-by: Cursor <cursoragent@cursor.com>
…s-100-101 Fix LFS clones, Windows MCP windows, and OpenCode config
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request improves provider integrations by (1) adding OpenCode-specific MCP scoping to prevent sub-agent MCP tools from leaking into primary sessions, (2) hardening Windows UX by consistently hiding spawned subprocess windows, and (3) fixing git clone/worktree behavior for LFS-backed repos by disabling LFS filters in cache clones.
Changes:
- OpenCode: add MCP “scope fence” support (global deny + per-agent allow) and update docs/tests accordingly.
- Windows: ensure subprocesses (tool execution, MCP servers, MCP proxy transport) are spawned with
windowsHide: true. - Cache git: centralize git execution in
git-cliand disable LFS smudge/clean/process during mirror/worktree operations, with new unit tests.
Reviewed changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/types/providers.ts | Extends provider integration types to support extra MCP entry fields and OpenCode-style scoping rules. |
| src/shared/providers/registry.ts | Updates OpenCode integration to use opencode.json, adds enabled: true, and declares scope-fence + per-agent allow config. |
| src/shared/providers/handlers.ts | Emits extra MCP entry fields and adds per-agent frontmatter allow rules for sub-agents. |
| src/shared/providers/tests/registry.test.ts | Adds assertions for OpenCode’s new MCP entry shape and scope configuration. |
| src/shared/cache/snapshot.ts | Switches snapshot materialization to the shared git helper (with LFS disabled). |
| src/shared/cache/mirror.ts | Switches mirror clone/fetch/ref operations to the shared git helper (with LFS disabled). |
| src/shared/cache/git-cli.ts | New helper to run git with LFS filters disabled (used by mirror/snapshot). |
| src/shared/cache/tests/git-cli.test.ts | Tests that LFS-skip args are prepended for common git invocations. |
| src/server/tool-executor.ts | Ensures command tool subprocesses are hidden on Windows (and uses cmd.exe explicitly there). |
| src/server/subprocess-manager.ts | Spawns MCP server subprocesses with windowsHide: true. |
| src/server/stdio-client-transport.ts | Adds a custom stdio MCP transport that always passes windowsHide: true. |
| src/server/mcp-proxy.ts | Uses the custom hidden stdio transport for MCP proxy connections. |
| src/server/tests/tool-executor.test.ts | Adds coverage asserting windowsHide: true is passed for command tool spawns. |
| src/server/tests/subprocess-manager.test.ts | Adds coverage asserting windowsHide: true is passed for MCP server spawns. |
| src/server/tests/stdio-client-transport.test.ts | Adds coverage asserting windowsHide: true is passed for stdio MCP transport spawns. |
| src/cli/utils/mcp-client-manager.ts | Applies provider-declared OpenCode scope fence when writing JSON MCP configs. |
| src/cli/utils/tests/sub-agent-mcp.test.ts | Adds tests ensuring the OpenCode scope fence is written and user permissions are preserved. |
| README.md | Updates marketing copy and clarifies lifecycle hooks / registry language. |
| docs/providers/README.md | Updates OpenCode provider paths/notes to reflect new config location and subagent mode. |
| docs/providers/opencode.md | Documents OpenCode config layout and the global deny + per-agent allow scoping pattern. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+26
to
+33
| export async function git( | ||
| args: string[], | ||
| opts: ExecFileOptions = {} | ||
| ): Promise<{ stdout: string; stderr: string }> { | ||
| const { stdout, stderr } = await execFileAsync('git', gitCommandArgs(args), { | ||
| ...opts, | ||
| env: { ...process.env, GIT_LFS_SKIP_SMUDGE: '1', ...(opts.env ?? {}) }, | ||
| }); |
… console flashing on Windows. Update tests to verify this behavior.
…ove promisification of execFile into the git function for improved clarity and maintainability.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces two main improvements: (1) enhanced support for OpenCode sub-agent MCP scoping and documentation, and (2) improved process spawning security and behavior on Windows by ensuring all subprocesses are hidden from the user interface. The update also includes additional and revised tests to verify these behaviors.
OpenCode Sub-Agent MCP Scoping and Documentation Improvements:
permission: { 'capa-*_*': 'deny' }) toopencode.jsonso that per-sub-agent MCPs are not auto-exposed to primary sessions, as per OpenCode's recommendations. This logic is idempotent and preserves user-authored permission entries. [1] [2] [3]docs/providers/opencode.mdanddocs/providers/README.mdto clarify OpenCode's MCP config structure, sub-agent scoping, and permission patterns, with new examples and references to official docs. [1] [2]src/cli/utils/__tests__/sub-agent-mcp.test.tsto verify correct application and preservation of the scope fence and user permissions.Process Spawning Security and Windows Behavior:
windowsHide: trueto prevent unwanted windows from appearing on Windows systems. This is enforced in the main code and verified with new and updated tests. [1] [2] [3] [4] [5] [6]HiddenStdioClientTransportis now used to ensure this behavior for MCP proxy connections.Minor Documentation and Usability Updates:
README.mdfor clearer language, more accurate agent counts, and improved explanations of lifecycle hooks and registry usage. [1] [2] [3]These changes improve security and correctness in multi-agent environments and ensure a smoother experience for Windows users.
References:
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15]