An OpenCode plugin that prevents AI assistants from accessing sensitive files and content based on configurable exclusion patterns using the well-known glob style.
This plugin hooks into OpenCode's tool execution lifecycle to filter out sensitive content before it reaches the AI provider. It honours .aiexclude files at various locations as well as project-root .gitignore files, allowing you to protect credentials, API keys, and other sensitive data.
- Pre-execution filtering: Blocks tool calls that attempt to access excluded files
- Post-execution filtering: Filters output that matches exclusion patterns
- Glob pattern support: Uses wildcards and directory patterns, leverages existing
.gitignorefiles for minimal setup - Minimal dependencies: Lightweight plugin using only Node.js built-ins and
picomatchas its unique dependency
- Bun >= 1.1.0
- Install
bun(optional if not yet installed)
curl -fsSL https://bun.com/install | bash- Install plugin
bash -c "mkdir -p $HOME/.config/opencode && cd $_ && bun add github:pjmartos/opencode-leak-proof#v0.1.0"- Install
bun(optional if not yet installed)
powershell -Command "irm bun.sh/install.ps1|iex ; $env:PATH = [Environment]::GetEnvironmentVariable('Path', 'Machine'),[Environment]::GetEnvironmentVariable('Path', 'User') -join ';'"- Install plugin
powershell -Command "cd -Path $HOME ; md -Force .config\opencode ; cd .config\opencode ; bun add github:pjmartos/opencode-leak-proof#v0.1.0"Add the plugin to your OpenCode configuration file:
{
"plugin": ["opencode-leak-proof"]
}You can configure exclusion patterns in three different and complimentary places (later patterns override earlier patterns):
- User-level
$HOME/.aiexclude - Project-local
.gitignore, at the project's root directory (.gitignorefiles in subfolders are currently not supported) - Project-local
.aiexclude, at the project's root directory
Glob patterns are converted to regular expressions and matched against normalized file paths.
In order to increase the effectiveness of the plugin, it is recommended to add instructions similar to the following in an AGENTS.md file:
For any file operation (list, read, concatenate, dump, search), you must first run your `Read` tool on each file. If the read call returns an error, you are not allowed to use that file, and in that case you must skip it entirely.Please read CONTRIBUTING.md for details on our code of conduct and the process for submitting pull requests.
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- Issue Tracker: GitHub Issues
