Section 3 of docs/OPENCODE_NOTES.md (lines 86-109) documents the opencode.json permission block, but it does not match the real file at the repo root.
Differences:
| Key |
docs/OPENCODE_NOTES.md |
Actual opencode.json |
read, glob, grep, list, skill, webfetch, todowrite |
absent |
"allow" |
cat * |
"allow" |
absent |
python3 scripts/* |
absent |
"allow" |
git show* |
absent |
"allow" |
find *_agent.md* |
absent |
"allow" |
bun * |
absent |
"allow" |
pandoc *, tectonic * |
absent |
"ask" |
write (top-level) |
"allow" |
absent (uses edit only) |
compaction section |
absent |
present |
agent.build sub-config |
absent |
present |
Anyone reading the docs and copying the example config will end up with a weaker (and partly incorrect) permission set.
Fix: Replace the code block in section 3 with the actual opencode.json content, or at minimum note that the snippet is a simplified example and link to the real file.
Section 3 of
docs/OPENCODE_NOTES.md(lines 86-109) documents theopencode.jsonpermission block, but it does not match the real file at the repo root.Differences:
docs/OPENCODE_NOTES.mdopencode.jsonread,glob,grep,list,skill,webfetch,todowrite"allow"cat *"allow"python3 scripts/*"allow"git show*"allow"find *_agent.md*"allow"bun *"allow"pandoc *,tectonic *"ask"write(top-level)"allow"editonly)compactionsectionagent.buildsub-configAnyone reading the docs and copying the example config will end up with a weaker (and partly incorrect) permission set.
Fix: Replace the code block in section 3 with the actual
opencode.jsoncontent, or at minimum note that the snippet is a simplified example and link to the real file.