New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

opencode-agentlens

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

opencode-agentlens

OpenCode plugin for AgentLens — trace your coding agent's decisions, tool calls, and sessions

latest
npmnpm
Version
0.2.8
Version published
Maintainers
1
Created
Source

opencode-agentlens

OpenCode plugin for AgentLens — trace your coding agent's decisions, tool calls, and sessions.

npm version license

Requirements

  • OpenCode >= 1.1.0
  • An AgentLens account -- register at agentlens.vectry.tech/register
  • An API key created in Settings > API Keys in the AgentLens dashboard

Install

npm install opencode-agentlens

Configuration

Environment Variables

VariableRequiredDefaultDescription
AGENTLENS_API_KEYYesYour AgentLens API key.
AGENTLENS_ENDPOINTNoAgentLens cloudAPI endpoint URL.
AGENTLENS_ENABLEDNotrueSet to false to disable tracing.
AGENTLENS_CAPTURE_CONTENTNotrueCapture message and tool output content.
AGENTLENS_MAX_OUTPUT_LENGTHNo10000Max characters to capture per output.
AGENTLENS_FLUSH_INTERVALNo5000Flush interval in milliseconds.
AGENTLENS_BATCH_SIZENo100Max items per batch before auto-flush.

OpenCode Setup

Add the plugin to your OpenCode configuration at ~/.config/opencode/opencode.json:

{
  "plugins": [
    {
      "name": "agentlens",
      "module": "opencode-agentlens"
    }
  ]
}

Set your API key (create one at Settings > API Keys in the AgentLens dashboard):

export AGENTLENS_API_KEY="your-api-key"

The plugin activates automatically when OpenCode starts. No code changes required.

Each OpenCode session counts as one trace (one session) for billing purposes. See the billing documentation for plan details.

What Gets Captured

The plugin hooks into OpenCode's event system and records:

  • Sessions — Full session lifecycle from start to finish, including duration and metadata.
  • Tool calls — Every tool invocation with input arguments and output results (e.g., file reads, shell commands, code edits).
  • LLM calls — Chat messages sent to and received from the model, including token usage.
  • Permission flows — When the agent requests permission and whether it was granted or denied.
  • File edits — File paths and change summaries produced by the agent.

All data is sent to your AgentLens instance where you can inspect traces, replay sessions, and analyze agent behavior.

How It Works

The plugin registers handlers for OpenCode's event hooks:

EventWhat is recorded
Session start/endTrace lifecycle, session metadata
tool.execute.beforeTool name, input arguments
tool.execute.afterTool output, duration, success/failure
chat.messageLLM responses and assistant messages
chat.paramsModel parameters and prompt configuration
permission.askPermission requests and user decisions

Each OpenCode session maps to a single AgentLens trace. Tool calls and LLM interactions become spans within that trace.

Documentation

Full documentation: agentlens.vectry.tech/docs/opencode-plugin

License

MIT

Keywords

opencode
agentlens
observability
tracing
coding-agent

FAQs

Package last updated on 11 Feb 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026