AGENT.md is invalid without debug information
Description
I set up my agent.md file according to the documentation example of ~/.config/opencode/agent/review.md Permissions
I narrowed it down to the bash configuration, which doesn't seem to be accepted anymore by the current version of opencode. When I remove the bash block from the file, everything works normally.
I think allowing specific bash commands makes sense and I hope that feature will be restored or the documentation updated to show how to set it up correctly now.
OpenCode version
1.0.164
Steps to reproduce
Add specific bash permissions to your agent.md file based on the official opencode documentation
```yaml
permission:
  edit: deny
  bash:
    "git diff": allow
    "git log*": allow
    "*": ask
  webfetch: deny
```
Screenshot and/or share link
opencode does not provide more information than core.md is invalid - even when increasing the log-level to debug.
Operating System
6.12.48-1-MANJARO x86_64
Terminal
zsh
This issue appears to be related to how bash permission patterns are validated in agent configuration files. While no direct duplicates were found, there are several related issues you may want to review:
- #4041: Discusses bash chain permission behavior and acceptance patterns
- #5529: Comprehensive feature request about per-agent filesystem and bash permission granularity
- #4287: Similar request for finer-grained permission control using glob patterns
- #4667: Security-focused feature request about tool access limitations
The core issue seems to be that the bash permission configuration format from the documentation is no longer accepted, and there's insufficient error messaging to help debug the schema mismatch. This appears to be a unique bug rather than a duplicate.
@driebe can u share the full file?
Sure. Btw, it doesn't seem to make a difference whether I use the `permission` or `tools` flag - with the latter working fine in past opencode versions.
```markdown
---
description: Core Orchestrator Agent
mode: primary
model: opencode/qwen3-coder-high
temperature: 0.1
permission:
  write: false
  edit: false
  bash:
    "git status*": allow
    "git diff*": allow
    "ls*": allow
    "cat*": allow
---
Coordinate the workflow using subagents. You never execute tasks yourself.
## Workflow
1. Receive IMP + tasks from @architect.
2. For each task: choose correct subagent and delegate with minimal context.
3. Wait for output; verify it aligns with the task (no execution).
4. If issues appear, diagnose the reason and re-delegate to the right agent.
5. Keep tasks moving until all subtasks are done.
## Subagents
- @backend / @frontend — feature code
- @tester — tests
- @refactor — code cleanup
- @devops — infra, bash, pipelines, env setup
- @auditor — security checks
- @documenter — docs
## Behavior
- **Never run bash, never edit files, never write code.**
- **Delegate everything.**
- Identify issues but always assign fixes to the proper agent.
- Use minimal task-specific context when delegating.
- Parallelize when possible.
- Ask clarifying questions if needed.
```
@driebe as per docs example change:
```yaml
permission:
  write: false
  edit: false
```
to:
```yaml
permission:
  write: deny
  edit: deny
```
And it'll work
Error message sucks tho, I'll fix
Please check again. The bash part is not working anymore even though it is suggested it is in the official example
This is what it says in the documentation https://opencode.ai/docs/agents/#permissions:
You can also set permissions in Markdown agents.
~/.config/opencode/agent/review.md
```markdown
---
description: Code review without edits
mode: subagent
permission:
  edit: deny
  bash:
    "git diff": allow
    "git log*": allow
    "*": ask
  webfetch: deny
---
Only analyze code and suggest changes.
```
@driebe what error are you getting?
I can't replicate any error using this, aside from the qwen3 coder model id being custom which I assume u have supported elsewhere in ur config
I found my error. When using the tools flag for controlling permissions the attributes are false or true, but when using the permission flag it's deny and allow - so when switching from the one to the other I overlooked that difference. Sorry that I didn't notice this :(
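The mismatch resolved above (booleans under `tools`, allow/ask/deny under `permission`) can be caught before startup with a small lint that names the offending key. This is an added example, not opencode's code or anything posted in the thread; `parseFrontmatter` and `lintAgent` are hypothetical helpers, and the accepted value sets are assumed from what the participants state.

```javascript
// Added example. Value sets are assumed from the thread: `permission` takes
// allow/ask/deny, `tools` takes true/false. Parses only nested "key: value" YAML.
const PERMISSION_VALUES = ["allow", "ask", "deny"];

function parseFrontmatter(text) {
  const m = /^---\n([\s\S]*?)\n---/.exec(text);
  if (!m) throw new Error("no frontmatter block");
  const root = {};
  const stack = [{ indent: -1, node: root }];
  for (const line of m[1].split("\n")) {
    if (!line.trim()) continue;
    const indent = line.length - line.trimStart().length;
    const kv = /^("[^"]*"|[^:]+):\s*(.*)$/.exec(line.trim());
    if (!kv) throw new Error(`unparsed line: ${line}`);
    const key = kv[1].replace(/^"|"$/g, "");
    // Climb back to the mapping that owns this indentation level.
    while (stack[stack.length - 1].indent >= indent) stack.pop();
    const parent = stack[stack.length - 1].node;
    if (kv[2] === "") stack.push({ indent, node: (parent[key] = {}) });
    else parent[key] = kv[2];
  }
  return root;
}

// Returns one message per bad value, naming the key path and the likely fix.
function lintAgent(text) {
  const fm = parseFrontmatter(text);
  const errors = [];
  const walk = (path, value, allowed, hint) => {
    if (typeof value === "object") {
      for (const [k, v] of Object.entries(value)) walk(`${path}.${k}`, v, allowed, hint);
    } else if (!allowed.includes(value)) {
      errors.push(`${path}: got "${value}", expected ${allowed.join(" | ")}. ${hint}`);
    }
  };
  walk("permission", fm.permission ?? {}, PERMISSION_VALUES, "true/false is only valid under tools.");
  walk("tools", fm.tools ?? {}, ["true", "false"], "allow/ask/deny is only valid under permission.");
  return errors;
}

// Constructed sample, abridged from the agent file posted in the thread.
const BROKEN = `---
permission:
  write: false
  edit: false
  bash:
    "git status*": allow
    "git diff*": allow
---
Coordinate the workflow using subagents.`;
console.log(lintAgent(BROKEN).join("\n"));
```

Running a check like this in CI over the agent directory turns a silent "file is invalid" into a per-key message, which matters when the file is what restricts an agent's bash and edit access.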