🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP
Sign In

agents-opencode

Package Overview
Dependencies
Maintainers
1
Versions
19
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

agents-opencode

OpenCode Agents: Intelligent AI assistants for software development. Features 9 specialized agents (including legal-advisor for license auditing and compliance), 14 coding standards, automated code review, documentation generation, OpenCode plugin compati

latest
Source
npmnpm
Version
2.3.2
Version published
Weekly downloads
236
-56.62%
Maintainers
1
Weekly downloads
 
Created
Source

OpenCode Agents

Validate Agents & Documentation npm version Socket Badge Documentation License: MIT

9 specialized agents, 23 on-demand skills, production-ready workflows. Install once, get 97% context cache hits — sessions start near-instantly and cost ~20× less.

Also available for Claude Code — see Installation.

Efficiency

OpenCode's context caching dramatically reduces token consumption across sessions. The following metrics are from production usage (May–July 2026) with the deepseek-v4-pro model.

MetricMay 2026June 2026July 2026Combined
Cache Hit Tokens263.3M21.9M145.0M430.2M
Cache Miss Tokens7.9M1.3M2.7M11.9M
Output Tokens0.8M0.2M0.5M1.5M
Total Requests1,4073801,0162,803
Cache Hit Rate97.1%94.5%98.2%97.3%
Avg Tokens/Request193K62K146K158K

Key takeaway: persistent context reuse keeps ~97% of input tokens in cache, avoiding costly re-processing across agent sessions. Cache-hit tokens cost ~120× less than cache-miss tokens, translating to substantial efficiency gains for long-running multi-agent workflows.

Quick Start

Requires: Node.js

npx agents-opencode --global
More install options (filter, update, uninstall, status)
# Filter language references for a lighter install
npx agents-opencode --global --languages python,typescript

# Update existing installation
npx agents-opencode --update

# Uninstall
npx agents-opencode --uninstall

# Check detected installation scopes
npx agents-opencode --status

Install: npm package and installer command: agents-opencode. OpenCode CLI runtime command: opencode.

Uninstall: targets current project by default; use --global or --all for explicit scope. Creates timestamped backups before removal.

Update: auto-detects installed scopes; use --all, --global, or --project [dir] for explicit scope.

Config: installer merges only missing global permission defaults into opencode.json. Existing provider/model/instructions settings are preserved.

Then run:

opencode              # start the TUI
/init                 # initialize a new session
@orchestrator Build a REST API with JWT auth

The orchestrator plans, delegates to @codebase for implementation, @review for quality checks, and @docs for documentation — all in one session.

Agents

AgentBest For
@orchestratorEnd-to-end features: plans, delegates to specialists, validates results
@codebaseWrite code across 10+ languages with auto-detected project conventions
@plannerArchitecture reviews, risk assessment, step-by-step implementation plans
@reviewCatch bugs, security holes, and perf issues before they ship
@docsREADMEs, API docs, ADRs, wiki pages
@bloggerBlog posts, YouTube scripts, podcast outlines, resumes, LinkedIn profiles
@brutal-criticRuthless content QA against proven frameworks with actionable scores
@em-advisor1-on-1 prep, team strategy, roadmap planning
@legal-advisorLicense auditing, compliance checks, IP review, export controls

Canonical source for exact allowlists and skill triggers: Skills Matrix

Commands

Type /command-name in the TUI to run:

CommandDescription
/code-reviewComprehensive code review
/security-auditSecurity audit
/generate-testsUnit test generation
/refactor-planRefactoring plan
/architecture-reviewArchitecture review
/architecture-decisionADR creation
/api-docsGenerate API documentation
/create-readmeGenerate README
/blog-postBlog post creation
/content-reviewContent quality scoring
/plan-projectMulti-phase project planning
/execution-loopBounded iterative execution workflow
/stop-loopStop loop and summarize state
/checkpointPhase-boundary checkpoint for human decision
/1-on-1-prepMeeting preparation

Why this pack

  • Fast onboarding: install in minutes with npx.
  • Clear execution flow: plan, implement, review, and document with purpose-built agents.
  • Safer defaults: on-demand skills + deny-by-default skill permissions.
  • Operationally ready: built-in validation and release automation.

Skill Loading (OpenCode)

Skills load on demand via the skill tool — no context cost until you use them. Use one relevant skill per task/phase; add another only for clear cross-domain work.

Instruction files live in .opencode/instructions/, skill packs in .opencode/skills/<name>/SKILL.md. Scope remains core-only; additions pass demand, clear-gap, ownership, and licensing/provenance checks.

Permission configuration (least-privilege patterns)

Skill permissions (prevent unrelated skill loads):

permission:
  skill:
    "*": "deny"
    "python": "allow"
    "sql-migrations": "allow"

Task permissions (control which subagents each agent can invoke):

permission:
  task:
    "*": "deny"
    "explore": "allow"
    "review": "allow"

Start with "*": "deny", add explicit allows. Rules match in order — last match wins.

Installation

npx agents-opencode --global

Claude Code Plugin

# Add marketplace (one-time)
/plugin marketplace add shahboura/agents-opencode-claude

# Install
/plugin install agents-opencode@shahboura

# Update
/plugin update agents-opencode@shahboura

Gives Claude Code access to the same 23 on-demand skills. Skills load only when invoked — no context cost until you use them. See adapters/claude-code/ for the plugin manifest and generator script.

Validation

Run npm run doctor for the complete local validation suite (agent contracts, markdown linting, docs links, session state, eval trends, and more). For full check mapping (local commands ↔ CI gates), see Compatibility.

Agent evals: npm run eval:agents runs deterministic contract checks for agent and command metadata. npm run eval:agents:json writes machine-readable output.

Docs

Keywords

opencode

FAQs

Package last updated on 08 Jul 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts