Skip to content

tjvjk/opencode-policy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
assets
assets
 
 
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 

Repository files navigation

Opencode policy

OpenCode security plugin with:

You can review the full rule sets there and add or remove patterns to fit your workspace.

Unsafe tool patterns Unsafe tool patterns

Prompt injection patterns Prompt injection patterns

Use it when you want stronger workspace safety out of the box: it helps prevent secret exposure, exfiltration, unsafe shell execution, reverse shells, denial-of-service commands, cross-workspace access, and common instruction-override attacks. Matching events are logged to .opencode/opencode-policy.log for review.

Simple install

opencode plugin opencode-policy@latest --global

Install from npm

Install the package:

npm install opencode-policy

Then add it to one of these OpenCode config files:

  • ~/.config/opencode/opencode.json for your user
  • opencode.json in your project root for one project
{
  "$schema": "https://opencode.ai/config.json",
  "plugin": ["opencode-policy"]
}

License

MIT

Thanks

Pattern research and source material were adapted in part from vakovalskii/topsha

About

OpenCode plugin with extensible access policies

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

v0.1.4 Latest
Apr 21, 2026

Packages

 
 
 

Contributors

Languages