pantheon-org/opencode-build-tool
skills/agentic-harness/opencode-toolkit/build-tool/SKILL.md
Build custom tools and plugins using the OpenCode SDK packages. Use when creating custom tools, implementing tool schemas, building plugins, managing OpenCode sessions, using opencode-ai/sdk or opencode-ai/plugin, creating a tool.ts file, writing an execute handler, using tool.schema, ToolContext, createOpencode, plugin hooks, custom auth, automating OpenCode from a script, building a CI tool, or integrating external APIs. Keywords: Zod schema, execute handler, event streaming, session management, abort signal, tool discovery, multiple tools per file, tool factory.
$ install --global
skillsauthnpx skillsauth add pantheon-org/tekhne opencode-build-toolInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 28, 2026, 10:20 AM122.9s10 files scanned
SKILL.md
- name:
- opencode-build-tool
- description:
- Build custom tools and plugins using the OpenCode SDK packages. Use when creating custom tools, implementing tool schemas, building plugins, managing OpenCode sessions, using opencode-ai/sdk or opencode-ai/plugin, creating a tool.ts file, writing an execute handler, using tool.schema, ToolContext, createOpencode, plugin hooks, custom auth, automating OpenCode from a script, building a CI tool, or integrating external APIs. Keywords: Zod schema, execute handler, event streaming, session management, abort signal, tool discovery, multiple tools per file, tool factory.
OpenCode SDK Development
Quick Start: Custom Tool in 3 Steps
- Create
.opencode/tool/my-tool.ts:
import { tool } from "@opencode-ai/plugin"
export default tool({
description: "Brief description of what the tool does",
args: {
query: tool.schema.string().describe("Search query")
},
async execute({ query }, { abort }) {
return `Result for: ${query}`
}
})
- Restart OpenCode — tools are auto-discovered.
- Filename = tool name:
my-tool.ts→my-tool.
Mindset
@opencode-ai/plugin— Tools + Hooks: Add LLM-callable tools, intercept execution, react to events@opencode-ai/sdk— Client API: Control OpenCode from external scripts, session management
When to use: Adding new capabilities the agent doesn't have, automating OpenCode from CI/scripts, or integrating external APIs as first-class tools.
When NOT to use: Built-in tool exists (client.tool.list()). Need shell (use $ from Bun). Logic belongs in system prompt (AGENTS.md). Need MCP.
Full decision guide in advanced-patterns.md.
Tool File Locations
.opencode/tool/*.ts # project-specific
~/.config/opencode/tool/*.ts # global
Multiple named exports per file → multiple tools: filename_exportname
Anti-Patterns
NEVER return non-string from execute. WHY: The tool runtime expects a string response; returning an object throws at runtime.
// BAD - throws at runtime
async execute({ query }) { return { results: [] } }
// GOOD - serialize first
async execute({ query }) { return JSON.stringify({ results: [] }) }
NEVER import { tool } from "@opencode-ai/sdk". WHY: The SDK package has no tool() export. The tool factory is only in @opencode-ai/plugin.
// BAD - import error at runtime
import { tool } from "@opencode-ai/sdk"
// GOOD
import { tool } from "@opencode-ai/plugin"
NEVER ignore the abort signal in long-running operations. WHY: Ignoring abort leaves processes dangling after the user cancels, consuming resources.
// BAD - dangling fetch after cancel
async execute({ url }) { return await fetch(url).then(r => r.text()) }
// GOOD - propagate abort
async execute({ url }, { abort }) { return await fetch(url, { signal: abort }).then(r => r.text()) }
Reference Files
- advanced-patterns.md — patterns, anti-patterns, SDK examples; sdk-api.md — SDK client API; plugin-api.md — plugin hooks
- basic-tool.ts — simple tool; full-plugin.ts — complete plugin
Run bun run opencode run "list tools" to verify your tool is discovered and named correctly.
---
description: custom tools opencode SDK plugin execute handler abort signal Zod schema session management event streaming
---
Eval Scenarios
- Scenario 0: Create a custom todo-search tool with schema validation
- Scenario 1: Use SDK client to create session and send prompt
- Scenario 2: Implement abort signal handling in long-running tools
Related Skills
pantheon-org/jenkinsfile-generator
tools
VerifiedTrustedCommunity
Generates Jenkinsfiles with stages, agents, parallel builds, post-build actions, and security scanning for Declarative and Scripted pipeline syntaxes. Use when creating a Jenkins pipeline script, Groovy pipeline, or build configuration; implementing CI/CD workflows, continuous integration, or build automation; adding Docker/Kubernetes deployments, matrix builds, parameterized pipelines, or DevSecOps security scanning to a Jenkins setup.
6SKILL.mdUpdated May 16, 2026
pantheon-org/helm-validator
tools
VerifiedTrustedCommunity
Comprehensive toolkit for validating, linting, testing, and analyzing Helm charts and their rendered Kubernetes resources. Use this skill when working with Helm charts, validating templates, debugging chart issues, working with Custom Resource Definitions (CRDs) that require documentation lookup, or checking Helm best practices.
6SKILL.mdUpdated May 16, 2026
pantheon-org/helm-generator
tools
VerifiedTrustedCommunity
Comprehensive toolkit for generating best practice Helm charts and resources following current standards and conventions. Use this skill when creating new Helm charts, implementing Helm templates, scaffolding Chart.yaml and values.yaml, defining deployment templates, service definitions, ingress configurations, .tpl helpers, or building Helm projects from scratch. Trigger phrases include "create", "generate", "build", "scaffold" alongside terms like "kubernetes helm", "k8s charts", "helm package", "chart dependencies", "values.yaml", or "helm install".
6SKILL.mdUpdated May 16, 2026
pantheon-org/gitlab-ci-validator
development
VerifiedTrustedCommunity
Validates .gitlab-ci.yml syntax, detects security misconfigurations in job definitions, checks for deprecated keywords, ensures proper stage ordering, and audits pipeline configurations for best practices. Use when working with .gitlab-ci.yml files, validating GitLab CI/CD pipeline syntax, debugging configuration errors, checking for hardcoded secrets or credentials in pipeline jobs, optimizing pipeline performance with DAG or cache, or performing security audits on GitLab CI/CD configurations.
6SKILL.mdUpdated May 16, 2026