🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP
Sign In

agents-opencode

Package Overview
Dependencies
Maintainers
1
Versions
19
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

agents-opencode

OpenCode Agents: Intelligent AI assistants for software development. Features 9 specialized agents (including legal-advisor for license auditing and compliance), 14 coding standards, automated code review, documentation generation, OpenCode plugin compati

Source
npmnpm
Version
2.0.0
Version published
Weekly downloads
236
-56.62%
Maintainers
1
Weekly downloads
 
Created
Source

OpenCode Agents

Validate Agents & Documentation npm version Documentation License: MIT

Lean OpenCode agent pack for fast setup, safer skill loading, and production-ready workflows.

Why this pack

  • Fast onboarding: install in minutes with npx.
  • Clear execution flow: plan, implement, review, and document with purpose-built agents.
  • Safer defaults: on-demand skills + deny-by-default skill permissions.
  • Operationally ready: built-in validation and release automation.

Quick jump: Agents · Skills Matrix · Commands · Full Docs

Quick Start

Requires: Node.js

# Via npx (recommended)
npx agents-opencode --global

# Alternative (direct npm install)
npm install -g agents-opencode && agents-opencode --global

# Project install (current directory only)
npx agents-opencode --project .

# Filter language instruction references for a lighter install
npx agents-opencode --global --languages python,typescript

# Update existing installation
npx agents-opencode --update

# Force update both global + current project scopes
npx agents-opencode --update --all

# Uninstall current project scope (default)
npx agents-opencode --uninstall

# Uninstall global scope only
npx agents-opencode --uninstall --global

# Uninstall both global + current project scopes
npx agents-opencode --uninstall --all

# Check detected installation scopes
npx agents-opencode --status

Install behavior note:

  • npx/npm installs from the published npm package version (deterministic release artifact).
  • npm package and installer command: agents-opencode
  • OpenCode CLI runtime command: opencode
  • --languages filters language instruction reference files; runtime skill loading remains on-demand per agent allowlists.

Uninstall behavior:

  • npx agents-opencode --uninstall targets the current project by default.
  • Use --global or --all for explicit scope control.
  • Uninstall removes installer-managed files via install manifest tracking.
  • Project backups: <project>/.opencode/.backups/<timestamp>--<operation>--<scope>/
  • Global backups: ~/.config/opencode/.backups/<timestamp>--<operation>--<scope>/
  • Backup retention: latest 10 sessions and sessions newer than 30 days.

Restore from backup:

  • Open the latest backup session folder.
  • Review backup-manifest.json for file paths.
  • Copy files back to their original paths.

Update behavior:

  • npx agents-opencode --update auto-detects and updates installed scopes (global and/or current project).
  • Use --all, --global, or --project [dir] to force explicit update scope.

Configuration behavior:

  • Installer merges only missing global permission defaults (external_directory, doom_loop) into opencode.json.
  • Existing provider/model/instructions settings are preserved and never overwritten by installer defaults.

Then run:

opencode
/init
@orchestrator Build a REST API with JWT auth

Installation

npx agents-opencode --global

OpenCode Plugin (Alternative)

Add to your opencode.json:

{ "plugin": ["agents-opencode"] }

Then restart OpenCode or run /reload-plugins.

Agents

AgentBest For
@orchestratorMulti-phase coordination
@plannerRead-only architecture/planning
@codebaseFeature implementation
@reviewSecurity/performance/code quality
@docsDocumentation updates
@em-advisorEM/leadership guidance
@bloggerBlog/video/podcast drafting
@brutal-criticFinal content quality gate
@legal-advisorLicense auditing, IP review, data privacy assessment, regulatory guidance

Canonical source for exact allowlists and skill triggers: Skills Matrix

Skill Loading (OpenCode)

  • Instruction files live in .opencode/instructions/*.instructions.md as reference material.
  • Reusable skill packs live in .opencode/skills/<name>/SKILL.md.
  • Skills are the primary runtime mechanism and are loaded on demand via the skill tool.
  • Use one relevant skill per task/phase by default; add another only for clear cross-domain work.
  • If stack/domain is unclear, ask for clarification before loading.

Skill Scope Policy

  • Scope remains core-only skills (no optional skill packs).
  • Additions should pass demand, clear-gap, ownership, and licensing/provenance checks.

Skill Permissions (Least Privilege)

Use permission.skill allowlists in agent frontmatter to prevent unrelated skill loads.

permission:
  skill:
    "*": "deny"
    "python": "allow"
    "sql-migrations": "allow"

This keeps skills focused by agent role and reduces accidental context bloat.

Task Permissions (Subagent Hardening)

Use permission.task allowlists to control which subagents each agent can invoke.

permission:
  task:
    "*": "deny"
    "explore": "allow"
    "review": "allow"

Pattern notes:

  • Start with "*": "deny", then add explicit allows.
  • Keep allowlists narrow by role.
  • Rules are matched in order and the last matching rule wins.

Commands

Type /command-name in the TUI to run:

CommandDescription
/api-docsGenerate API documentation
/code-reviewComprehensive code review
/generate-testsUnit test generation
/security-auditSecurity audit
/refactor-planRefactoring plan
/create-readmeGenerate README
/architecture-decisionADR creation
/architecture-reviewArchitecture review
/blog-postBlog post creation
/content-reviewContent quality scoring
/plan-projectMulti-phase project planning
/execution-loopBounded iterative execution workflow
/stop-loopStop loop and summarize state
/1-on-1-prepMeeting preparation

Agent Evals

  • npm run eval:agents runs deterministic contract checks for agent and command metadata.
  • npm run eval:agents:json writes machine-readable output to evals/reports/latest.json.
  • These checks are integrated into doctor and CI validation summary gating.

Validation

  • Run npm run doctor for the complete local validation suite.
  • For full check mapping (local commands ↔ CI gates), see Compatibility.

Docs

Keywords

opencode

FAQs

Package last updated on 07 May 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts