summaryrefslogtreecommitdiffhomepage
path: root/packages/web/src/content/docs/permissions.mdx
diff options
context:
space:
mode:
Diffstat (limited to 'packages/web/src/content/docs/permissions.mdx')
-rw-r--r--packages/web/src/content/docs/permissions.mdx37
1 files changed, 35 insertions, 2 deletions
diff --git a/packages/web/src/content/docs/permissions.mdx b/packages/web/src/content/docs/permissions.mdx
index 1aea3ef74..754a6c875 100644
--- a/packages/web/src/content/docs/permissions.mdx
+++ b/packages/web/src/content/docs/permissions.mdx
@@ -11,6 +11,7 @@ By default, OpenCode allows most operations without approval, except `doom_loop`
"permission": {
"edit": "allow",
"bash": "ask",
+ "skill": "ask",
"webfetch": "deny",
"doom_loop": "ask",
"external_directory": "ask"
@@ -18,7 +19,7 @@ By default, OpenCode allows most operations without approval, except `doom_loop`
}
```
-This lets you configure granular controls for the `edit`, `bash`, `webfetch`, `doom_loop`, and `external_directory` tools.
+This lets you configure granular controls for the `edit`, `bash`, `skill`, `webfetch`, `doom_loop`, and `external_directory` tools.
- `"ask"` — Prompt for approval before running the tool
- `"allow"` — Allow all operations without approval
@@ -28,7 +29,7 @@ This lets you configure granular controls for the `edit`, `bash`, `webfetch`, `d
## Tools
-Currently, the permissions for the `edit`, `bash`, `webfetch`, `doom_loop`, and `external_directory` tools can be configured through the `permission` option.
+Currently, the permissions for the `edit`, `bash`, `skill`, `webfetch`, `doom_loop`, and `external_directory` tools can be configured through the `permission` option.
---
@@ -144,6 +145,38 @@ When an agent asks for permission to run a command in a pipeline, we use tree si
---
+### skill
+
+Use the `permission.skill` key to control whether the model can load skills via the built-in `skill` tool.
+
+You can apply a single rule to all skills:
+
+```json title="opencode.json" {4}
+{
+ "$schema": "https://opencode.ai/config.json",
+ "permission": {
+ "skill": "ask"
+ }
+}
+```
+
+Or configure per-skill rules (supports the same wildcard patterns as `permission.bash`):
+
+```json title="opencode.json"
+{
+ "$schema": "https://opencode.ai/config.json",
+ "permission": {
+ "skill": {
+ "*": "deny",
+ "git-*": "allow",
+ "frontend/*": "ask"
+ }
+ }
+}
+```
+
+---
+
### webfetch
Use the `permission.webfetch` key to control whether the LLM can fetch web pages.