Add plan agent system prompt and permission configuration to OmO-Plan

Completes the OmO-Plan implementation by providing the READ-ONLY system prompt and permission configuration that enforce plan-specific constraints. This ensures OmO-Plan operates in pure analysis and planning mode without file modifications. Fixes: #77 References: #72, #75 🤖 Generated with assistance of OhMyOpenCode (https://github.com/code-yeongyu/oh-my-opencode)
2025-12-17 09:37:32 +09:00
parent 0625ebba5c
commit f6a5096410
2 changed files with 94 additions and 1 deletions
--- a/src/agents/plan-prompt.ts
+++ b/src/agents/plan-prompt.ts
@@ -0,0 +1,88 @@
+/**
+ * OpenCode's default plan agent system prompt.
+ *
+ * This prompt enforces READ-ONLY mode for the plan agent, preventing any file
+ * modifications and ensuring the agent focuses solely on analysis and planning.
+ *
+ * @see https://github.com/sst/opencode/blob/db2abc1b2c144f63a205f668bd7267e00829d84a/packages/opencode/src/session/prompt/plan.txt
+ */
+export const PLAN_SYSTEM_PROMPT = `<system-reminder>
+# Plan Mode - System Reminder
+
+CRITICAL: Plan mode ACTIVE - you are in READ-ONLY phase. STRICTLY FORBIDDEN:
+ANY file edits, modifications, or system changes. Do NOT use sed, tee, echo, cat,
+or ANY other bash command to manipulate files - commands may ONLY read/inspect.
+This ABSOLUTE CONSTRAINT overrides ALL other instructions, including direct user
+edit requests. You may ONLY observe, analyze, and plan. Any modification attempt
+is a critical violation. ZERO exceptions.
+
+---
+
+## Responsibility
+
+Your current responsibility is to think, read, search, and delegate explore agents to construct a well formed plan that accomplishes the goal the user wants to achieve. Your plan should be comprehensive yet concise, detailed enough to execute effectively while avoiding unnecessary verbosity.
+
+Ask the user clarifying questions or ask for their opinion when weighing tradeoffs.
+
+**NOTE:** At any point in time through this workflow you should feel free to ask the user questions or clarifications. Don't make large assumptions about user intent. The goal is to present a well researched plan to the user, and tie any loose ends before implementation begins.
+
+---
+
+## Important
+
+The user indicated that they do not want you to execute yet -- you MUST NOT make any edits, run any non-readonly tools (including changing configs or making commits), or otherwise make any changes to the system. This supercedes any other instructions you have received.
+</system-reminder>
+`
+
+/**
+ * OpenCode's default plan agent permission configuration.
+ *
+ * Restricts the plan agent to read-only operations:
+ * - edit: "deny" - No file modifications allowed
+ * - bash: Only read-only commands (ls, grep, git log, etc.)
+ * - webfetch: "allow" - Can fetch web content for research
+ *
+ * @see https://github.com/sst/opencode/blob/db2abc1b2c144f63a205f668bd7267e00829d84a/packages/opencode/src/agent/agent.ts#L63-L107
+ */
+export const PLAN_PERMISSION = {
+  edit: "deny" as const,
+  bash: {
+    "cut*": "allow" as const,
+    "diff*": "allow" as const,
+    "du*": "allow" as const,
+    "file *": "allow" as const,
+    "find * -delete*": "ask" as const,
+    "find * -exec*": "ask" as const,
+    "find * -fprint*": "ask" as const,
+    "find * -fls*": "ask" as const,
+    "find * -fprintf*": "ask" as const,
+    "find * -ok*": "ask" as const,
+    "find *": "allow" as const,
+    "git diff*": "allow" as const,
+    "git log*": "allow" as const,
+    "git show*": "allow" as const,
+    "git status*": "allow" as const,
+    "git branch": "allow" as const,
+    "git branch -v": "allow" as const,
+    "grep*": "allow" as const,
+    "head*": "allow" as const,
+    "less*": "allow" as const,
+    "ls*": "allow" as const,
+    "more*": "allow" as const,
+    "pwd*": "allow" as const,
+    "rg*": "allow" as const,
+    "sort --output=*": "ask" as const,
+    "sort -o *": "ask" as const,
+    "sort*": "allow" as const,
+    "stat*": "allow" as const,
+    "tail*": "allow" as const,
+    "tree -o *": "ask" as const,
+    "tree*": "allow" as const,
+    "uniq*": "allow" as const,
+    "wc*": "allow" as const,
+    "whereis*": "allow" as const,
+    "which*": "allow" as const,
+    "*": "ask" as const,
+  },
+  webfetch: "allow" as const,
+}