Skip to content

Latest commit

 

History

History
76 lines (56 loc) · 2.11 KB

File metadata and controls

76 lines (56 loc) · 2.11 KB

Security and Privacy Notes

Opencode-Ultrathinker is powerful by design. It can read local files, run shell commands, call MCP servers, query remote services, and interact with repositories. Review it like you would review a developer tool with broad local access.

Permissions

The config intentionally allows common development commands and tool namespaces. That does not mean every permission is safe for every user.

Review especially:

  • read: allow,
  • edit: ask,
  • shell allow rules,
  • enabled local MCP servers,
  • desktop_commander_*,
  • github_*,
  • any tool with file-system or repository write access.

For a conservative setup, start with more ask permissions and loosen them only after repeated safe use.

Local vs global config

Local project configs may override the global config. This is useful, but it can also surprise you. When something behaves differently in one repository, check local OpenCode config first.

Tool risk levels

Lower-risk tools:

  • documentation fetchers,
  • search tools,
  • transcript tools,
  • read-only repository ingesters.

Higher-risk tools:

  • shell execution,
  • desktop automation,
  • GitHub write access,
  • tools that edit files,
  • tools that can read broad local directories,
  • tools that call paid APIs.

Recommended operating style

  • Keep destructive actions behind approval.
  • Use Git branches for every task.
  • Let GitNexus run impact analysis before refactors.
  • Let Macrodata remember decisions, but do not store secrets in memory.
  • Scrape external sources into temporary files and remove them after use.
  • Review diffs before committing.

Before publishing your fork

Check that you did not commit:

  • real API keys,
  • GitHub tokens,
  • provider keys,
  • private usernames,
  • absolute paths that reveal too much about your machine,
  • private project names,
  • internal URLs,
  • company repositories,
  • private prompts or memory files.

The public template should use placeholders such as:

  • <YOUR_USERNAME>
  • <NODE_PATH>
  • <NPX_PATH>
  • <PYTHON_PATH>
  • <GLOBAL_NODE_MODULES_PATH>
  • <GITHUB_PERSONAL_ACCESS_TOKEN>
  • <BRAVE_API_KEY>
  • <YOUTUBE_API_KEY>
  • <YOUR_TIMEZONE>