Torbjørn Lindahl eb8553ce0b security: lock down OpenCode containers to read-only legal research ...

Add defense-in-depth restrictions via agent config and global permissions:
- Global permission layer denies bash, edit, webfetch, lsp
- Build agent tools restricted to read-only (grep/glob/list/read/todo)
- General/explore subagents locked to read-only
- Plan agent disabled to prevent mode switching
- Custom system prompt for legal research context (temp=0.2)

2026-02-08 20:22:57 +01:00

2.1 KiB

Raw Blame History

View Raw