Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

CLI and MCP reference

Commands

CommandBehavior
oy audit [FOCUS...]Run a restricted security audit; Markdown or SARIF; default ISSUES.md.
oy review [TARGET]Review the collected workspace or git diff TARGET; default REVIEW.md.
oy enhance [FOCUS...]Fix one finding; use a finding ID as positional focus.
oy setupWrite global opencode integration.
oy setup --workspaceWrite integration under the current workspace’s .opencode/.
oy setup --dry-runPreview generated integration actions without writing.
oy doctorShow executable, config-path, helper, and selected-mode status.
oy / oy open ...Refresh integration and launch/pass through to opencode.
oy run, oy chat, oy modelCompatibility wrappers around opencode.
oy modesPrint safety-mode aliases and host permission behavior.
oy upgradeUpgrade mise-managed cargo:oy-cli and opencode, then refresh setup.
oy mcpServe MCP over stdio; normally launched by opencode.

Run oy <command> --help for all options and defaults. Unknown top-level actions and flags pass through to opencode unless they begin with a known oy command.

Safety modes

Mode aliasesAgentHost behavior
default, askoyEdits ask; bash asks.
plan, readoy-planEdits and bash denied.
edit, accept-editsoy-editEdits allowed; bash asks.
auto, auto-approve, yolooy-auto + --autoHost prompts auto-approved unless explicitly denied.

These modes apply to general launcher/remediation behavior. Restricted audit and review subagents define their own narrow tool permissions.

Setup ownership and refresh

Global setup writes ~/.config/opencode/; workspace setup writes .opencode/. It creates seven agents and two skills, then merges config.

oy owns and replaces:

  • mcp.oy;
  • command.oy-audit, command.oy-review, and command.oy-enhance;
  • tool_output.max_bytes (262,144) and tool_output.max_lines (20,000);
  • generated agent/skill files containing the oy marker.

Unknown sibling object keys are retained. A non-object mcp, command, or tool_output value is replaced with an object. The JSON/JSONC config is pretty-serialized, which removes comments and original formatting. Non-generated files at generated Markdown paths are not overwritten.

Launch-oriented commands refresh global integration and any detected workspace integration before opencode starts. Direct opencode use is not changed to the oy default agent; oy passes --agent only for its own launches.

MCP tools

ToolCapability
repo_manifestGitignore-aware inventory, approximate token estimates, language summary, optional security index.
repo_chunksOrdered repository chunks; summary first, then one-based full chunk retrieval.
git_diff_inputOrdered git diff <target> chunks.
existing_reportRead an existing generated audit/review report for carry-forward comparison.
slocSource-line counts through optional tokei.
outlineOne-file structural definitions through optional Universal Ctags.
sighthoundBounded SAST candidates through optional Sighthound embedded rules.
render_audit_reportWrite normalized Markdown or SARIF inside the workspace.
render_review_reportWrite normalized review Markdown inside the workspace.

Tool names are prefixed by the host’s MCP server name, for example oy_repo_manifest. Optional tools are advertised only after their executable passes a capability probe. Approximate token estimates currently use oy’s byte heuristic; the model value is workflow metadata, not tokenizer selection.

Optional helpers

mise use --global cargo:tokei
mise use --global github:universal-ctags/ctags
mise use --global cargo:https://github.com/Corgea/Sighthound@tag:1.0
# Homebrew alternative for two helpers:
brew install tokei universal-ctags

Helpers resolve to canonical absolute paths. Relative PATH entries are ignored. Calls use fixed arguments, closed stdin, timeouts, and output limits. Sighthound uses embedded rules, one worker, stable sorting, and finding/byte caps.

Sighthound has no release binary at the pinned 1.0 tag; its mise install builds from source and requires Rust 1.85+.

Environment

VariablePurpose
OY_ROOTOverride the workspace root used by oy path boundaries.
OY_TOKEIAbsolute tokei executable path.
OY_CTAGSAbsolute Universal Ctags executable path.
OY_SIGHTHOUNDAbsolute Sighthound executable path.
OY_COLORauto, always, or never color behavior.
NO_COLORDisable color output.
OY_SKIP_SETUPSkip oy setup in install.sh.
OY_MISE_MINIMUM_RELEASE_AGEOverride the installer’s mise release-age filter.

Filesystem and disclosure boundaries

Input paths must resolve under OY_ROOT or the current working directory. Output paths must be workspace-relative and may not escape through parent traversal or symlinks. The collector skips documented path/file categories and files over 512 KiB.

Repository text returned by MCP may become model input. Fixed external processes include read-only git and optional evidence helpers; oy MCP does not expose arbitrary shell, edit, web, network, or clone capabilities.

For implementation-level detail, read Tool safety and Architecture.