opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 2 months ago verified publisher icon anomalyco

feat(agent): add per-agent skills filtering

Open IgorWarzocha opened this issue 2 months ago • 7 comments

Don't shoot the messenger, purely vibecoded.

Summary

Add ability to filter which skills are visible to each agent via a new skills field in agent configuration.

This addresses the issue where all discovered skills are loaded into the system prompt for every agent, causing:

  • Skill leakage across inappropriate agent contexts
  • No way to scope skills to specific agent types
  • Unnecessary context in specialized agents

Usage

In opencode.json:

{
  "agent": {
    "excel-maestro": {
      "skills": {
        "spreadsheets": true
      }
    },
    "read-only-explorer": {
      "skills": {
        "git-*": false
      }
    }
  }
}

In agent markdown frontmatter (.opencode/agent/excel-maestro.md):

---
mode: all
skills:
  spreadsheets: true
---

Behavior

  • Whitelist mode: When any true values are present, only skills matching a true pattern are shown
  • Blacklist mode: When only false values are present, all skills except those matching false patterns are shown
  • No config: All skills visible (backwards compatible)

Uses the same wildcard pattern matching as existing tools filtering.

Changes

  • config/config.ts: Added skills field to Agent schema
  • agent/agent.ts: Added skills to Agent.Info type and state builder
  • skill/skill.ts: Added filter() and forAgent() functions
  • session/system.ts: Updated skills() to accept optional filter parameter
  • session/prompt.ts: Pass agent's skills filter to SystemPrompt.skills()
  • Tests for filtering logic and markdown frontmatter support

IgorWarzocha avatar Dec 22 '25 20:12 IgorWarzocha

hang onto this - we're reworking a bunch of permissions stuff and this can come after that

thdxr avatar Dec 22 '25 23:12 thdxr

Looks like https://github.com/sst/opencode/pull/6000 makes this not needed?

airtonix avatar Dec 23 '25 02:12 airtonix

Looks like https://github.com/sst/opencode/pull/6000 makes this not needed?

True denied skills are already filtered out of agents context

malhashemi avatar Dec 24 '25 11:12 malhashemi

See, the original idea was similar, I am now leaning towards an entirely different thing.

Current implementation basically loads all the skills into all agents unless you edit them. There needs to be something that allows easier allow/deny skills and I believe they should all be disabled as default.

opencode agent create should probably include a step to add/remove skills to the agent config. and I believe we're getting to a point where opencode agent edit just to edit the frontmatter is a necessity.

https://github.com/sst/opencode/pull/6103

IgorWarzocha avatar Dec 24 '25 13:12 IgorWarzocha

See, the original idea was similar, I am now leaning towards an entirely different thing.

Current implementation basically loads all the skills into all agents unless you edit them. There needs to be something that allows easier allow/deny skills and I believe they should all be disabled as default.

opencode agent create should probably include a step to add/remove skills to the agent config. and I believe we're getting to a point where opencode agent edit just to edit the frontmatter is a necessity.

Actually global deny is very easy in your config simply:

permission.skill: {* : deny}

Would deny it globally this is how I have it setup at the moment. Also there is a new permission system in the works so lets hold on till release.

malhashemi avatar Dec 24 '25 14:12 malhashemi

Having said that I agree that some guided configurations on the agent setup process would be nice to have. So thats a direction worth taking

malhashemi avatar Dec 24 '25 14:12 malhashemi

See, the original idea was similar, I am now leaning towards an entirely different thing. Current implementation basically loads all the skills into all agents unless you edit them. There needs to be something that allows easier allow/deny skills and I believe they should all be disabled as default. opencode agent create should probably include a step to add/remove skills to the agent config. and I believe we're getting to a point where opencode agent edit just to edit the frontmatter is a necessity.

Actually global deny is very easy in your config simply:

permission.skill: {* : deny}

Would deny it globally this is how I have it setup at the moment. Also there is a new permission system in the works so lets hold on till release.

Yeah agree but it's the defaults that are the problem - creating a build agent config is not something that everyone does. I can see how having all the skills enabled as default can be problematic

IgorWarzocha avatar Dec 24 '25 22:12 IgorWarzocha