opencode-raven 1.0.0 → 1.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Ayman
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,111 +1,164 @@
-# opencode-raven
-
-Search-first subagent for [opencode](https://opencode.ai) — intercepts search tool calls from other agents and routes them to a dedicated **@raven** agent with Context7, Exa AI, and Grep.app MCPs.
-
-## Why?
-
-Other agents (orchestrator, fixer, etc.) waste tokens and context on search tools. Raven gives them a single delegation target that's purpose-built for search, with the right MCPs wired in and a compact-output prompt.
-
-## Install
-
-```bash
-bun add opencode-raven
-```
-
-Then add to your `opencode.jsonc`:
-
-```jsonc
-{
-  "plugin": ["opencode-raven"]
-}
-```
-
-Restart opencode.
-
-## Commands
-
-| Command | Action |
-|---------|--------|
-| `/raven` | Show status — enabled/disabled, current model |
-| `/raven on` | Enable search tool redirection to @raven (default) |
-| `/raven off` | Disable interception — all agents can use search tools directly |
-| `/raven model <name>` | Change Raven's model (e.g. `/raven model opencode/deepseek-v4-flash-free`) |
-
-Config persists across restarts in `raven-config.json` (next to your `opencode.jsonc`).
-
-## Configuration
-
-### raven-config.json
-
-Created automatically in your project root on first toggle. Edit manually or use `/raven` commands:
-
-```json
-{
-  "enabled": true,
-  "model": "opencode/deepseek-v4-flash-free"
-}
-```
-
-| Field | Default | Description |
-|-------|---------|-------------|
-| `enabled` | `true` | Whether search tool interception is active |
-| `model` | *(from Raven.md)* | Override Raven's model without editing package files |
-
-### MCP servers
-
-All three MCPs are enabled by default:
-
-| MCP | URL | Notes |
-|-----|-----|-------|
-| Context7 | `https://mcp.context7.com/mcp` | No API key needed |
-| Exa AI | `https://mcp.exa.ai/mcp` | Requires Exa account |
-| Grep.app | `https://mcp.grep.app` | No API key needed |
-
-To disable an MCP, override it in your `opencode.jsonc`:
-
-```jsonc
-{
-  "mcp": {
-    "exa": { "type": "remote", "url": "https://mcp.exa.ai/mcp", "enabled": false }
-  }
-}
-```
-
-## How it works
-
-| Hook | What it does |
-|------|--------------|
-| `config` | Registers Raven agent, adds Context7/Exa/Grep.app MCPs, loads MCP guidance |
-| `chat.message` | Tracks Raven's session IDs so its own tools aren't blocked |
-| `command.execute.before` | Handles `/raven on\|off\|model\|status` |
-| `tool.execute.before` | Nukes search tool args for non-Raven agents (no wasted API calls) |
-| `tool.execute.after` | Replaces search tool output with redirect to Raven |
-
-**Blocked tools** (redirected to Raven for all agents except Raven itself):
-
-| Tool | Raven's equivalent |
-|------|-------------------|
-| `websearch_web_search_exa` | Exa AI (web search) |
-| `exa_web_search_exa` | Exa AI (web search via MCP) |
-| `exa_web_fetch_exa` | Exa AI (page fetch via MCP) |
-| `grep_app_searchGitHub` | Grep.app (GitHub examples) |
-| `grep` | grep/rg (local code search) |
-| `glob` | glob (file search) |
-
-**Unrestricted**: `webfetch`, `read`, `bash`, `task`, and all other tools.
-
-## Agent capabilities
-
-| Tool / MCP | Purpose |
-|------------|---------|
-| `read`, `glob`, `grep`, `list` | Local codebase inspection |
-| `bash` (`rg`, `grep`, `git grep`) | Local search commands |
-| Context7 | Library/framework/SDK/API docs |
-| Exa AI | Web search, news, pages, products |
-| Grep.app | Public GitHub examples |
-
-Raven returns compact findings: answer, sources, relevant details, recommended next step, and uncertainty.
-
-## License
-
+# opencode-raven
+
+<table>
+<tr>
+<td><img src="Raven.png" alt="Raven" width="768" /></td>
+<td>
+<strong>Search-first subagent for <a href="https://opencode.ai">opencode</a></strong><br/>
+Intercepts search tool calls and routes them to a dedicated <strong>@raven</strong> agent with Context7, Exa AI, and Grep.app MCPs.
+</td>
+</tr>
+</table>
+
+## Why?
+
+Search is the most common thing agents do — and the most wasteful. Every search call burns tokens and context on results that a cheap, focused agent could handle better. Raven fixes three problems:
+
+1. **Cost** — Use a free model like `opencode/deepseek-v4-flash-free` for all search, saving your expensive model's context for actual work.
+2. **Reliability** — Hard-enforced interception. Other plugins suggest delegation; Raven *blocks* search tools for non-Raven agents and redirects them. No more agents ignoring your instructions and searching directly.
+3. **Simplicity** — One plugin, one agent, zero config. No bundled agents or features you don't need. Works with any agent or workflow. Just add it to `opencode.jsonc` and restart.
+
+## Install
+
+```bash
+bun add opencode-raven
+# or
+npm install opencode-raven
+```
+
+Then add to your `opencode.jsonc`:
+
+```jsonc
+{
+  "plugin": ["opencode-raven"]
+}
+```
+
+Restart opencode.
+
+## Commands
+
+| Command | Action |
+|---------|--------|
+| `/raven` | Show status — enabled/disabled, current model |
+| `/raven on` | Enable search tool redirection to @raven (default) |
+| `/raven off` | Disable interception — all agents can use search tools directly |
+| `/raven model <name>` | Change Raven's model (e.g. `/raven model opencode/deepseek-v4-flash-free`) |
+
+Config persists across restarts in `raven-config.json` (next to your `opencode.jsonc`).
+
+## raven_seek — fallback for agents without task
+
+When search tools are blocked, agents are told to delegate to Raven via the `task` tool (`subagent_type="raven"`). This is the preferred path — the Raven subagent runs visibly in its own session, and you can see its work.
+
+Some agents have `task: deny` and can't delegate. **`raven_seek`** is the fallback for those agents — a custom tool that any agent can call directly, no `task` permission needed:
+
+```
+raven_seek(query: "how to use useEffect cleanup")
+```
+
+The tool creates a Raven session behind the scenes, sends the query, and returns results. It's less visible than task delegation, so it's only used when task isn't available.
+
+## Configuration
+
+### raven-config.json
+
+Created automatically on first toggle. Edit manually or use `/raven` commands:
+
+```json
+{
+  "enabled": true,
+  "model": "opencode/deepseek-v4-flash-free"
+}
+```
+
+| Field | Default | Description |
+|-------|---------|-------------|
+| `enabled` | `true` | Whether search tool interception is active |
+| `model` | *(from Raven.md)* | Override Raven's model without editing package files |
+
+### MCP servers
+
+All three MCPs work without API keys. Adding keys increases rate limits:
+
+| MCP | URL | API key |
+|-----|-----|---------|
+| Context7 | `https://mcp.context7.com/mcp` | Free key at [context7.com/dashboard](https://context7.com/dashboard) — higher limits |
+| Exa AI | `https://mcp.exa.ai/mcp` | Free key at [exa.ai](https://exa.ai) — higher limits |
+| Grep.app | `https://mcp.grep.app` | Not available — public API, no key needed |
+
+To add an API key, override the MCP in your `opencode.jsonc` with a `headers` field:
+
+```jsonc
+{
+  "mcp": {
+    "exa": {
+      "type": "remote",
+      "url": "https://mcp.exa.ai/mcp",
+      "headers": { "x-api-key": "{env:EXA_API_KEY}" },
+      "enabled": true
+    }
+  }
+}
+```
+
+To disable an MCP entirely:
+
+```jsonc
+{
+  "mcp": {
+    "exa": { "type": "remote", "url": "https://mcp.exa.ai/mcp", "enabled": false }
+  }
+}
+```
+
+## How it works
+
+| Hook | What it does |
+|------|--------------|
+| `config` | Registers Raven agent, adds Context7/Exa/Grep.app MCPs, loads MCP guidance |
+| `tool` | Registers `raven_seek` — fallback tool for agents that can't use `task` |
+| `chat.message` | Tracks Raven's session IDs so its own tools aren't blocked |
+| `command.execute.before` | Handles `/raven on\|off\|model\|status` |
+| `tool.execute.before` | Throws to abort disabled tools before they execute — no wasted API calls |
+| `tool.execute.after` | Safety net: replaces output if the tool somehow still ran |
+
+### Blocked tools (redirected for all agents except Raven itself)
+
+**Dedicated search tools:**
+
+| Tool | Source |
+|------|--------|
+| `grep`, `glob` | Built-in |
+| `websearch_web_search_exa` | WebSearch MCP |
+| `context7_resolve-library-id`, `context7_query-docs` | Context7 MCP |
+| `exa_web_search_exa`, `exa_web_fetch_exa`, `exa_web_search_advanced_exa` | Exa AI MCP |
+| `exa_company_research_exa`, `exa_crawling_exa`, `exa_people_search_exa` | Exa AI MCP |
+| `exa_linkedin_search_exa`, `exa_get_code_context_exa` | Exa AI MCP |
+| `exa_deep_researcher_start`, `exa_deep_researcher_check`, `exa_deep_search_exa` | Exa AI MCP |
+| `grep_app_searchGitHub` | Grep.app MCP |
+
+**Bash commands** — intercepted when the command or description matches a search pattern:
+
+| Pattern | Examples |
+|---------|----------|
+| Content search | `rg`, `grep`, `egrep`, `fgrep`, `git grep`, `ack`, `ag`, `findstr`, `Select-String` |
+| Filesystem exploration | `Get-ChildItem`, `gci`, `find -name`, `find -type`, `ls -R`, `dir /s` |
+
+**Unrestricted**: `webfetch`, `read`, `task`, `raven_seek`, and non-search `bash` commands.
+
+## Agent capabilities
+
+| Tool / MCP | Purpose |
+|------------|---------|
+| `read`, `glob`, `grep`, `list` | Local codebase inspection |
+| `bash` (`rg`, `grep`, `git grep`) | Local search commands |
+| Context7 | Library/framework/SDK/API docs |
+| Exa AI | Web search, news, pages, products |
+| Grep.app | Public GitHub examples |
+
+Raven returns compact findings: answer, sources, relevant details, recommended next step, and uncertainty.
+
+## License
+
 MIT

package/index.ts

@@ -1,237 +1,324 @@
-import type { Plugin, PluginInput } from "@opencode-ai/plugin"
-import { readFileSync, writeFileSync, existsSync } from "node:fs"
-import { join } from "node:path"
-
-// ── Resolve paths relative to this package (works in node_modules/) ──
-const PKG_DIR = import.meta.dirname!
-
-const RAVEN_MD = join(PKG_DIR, "Raven.md")
-const MCP_GUIDANCE_MD = join(PKG_DIR, "mcp-guidance.md")
-
-// ── Search tools that should be intercepted for non-Raven agents ──
-const SEARCH_TOOLS = [
-  "websearch_web_search_exa",
-  "exa_web_search_exa",
-  "exa_web_fetch_exa",
-  "grep_app_searchGitHub",
-  "grep",
-  "glob",
-]
-
-// ── Config file shape ──
-interface RavenConfig {
-  enabled: boolean
-  model?: string
-}
-
-const DEFAULT_CONFIG: RavenConfig = { enabled: true }
-
-// ── Parse Raven.md frontmatter ──
-const ravenMd = readFileSync(RAVEN_MD, "utf-8")
-const { frontmatter: fm, prompt: ravenPrompt } = parseRavenMd(ravenMd)
-
-function parseRavenMd(raw: string): { frontmatter: Record<string, any>; prompt: string } {
-  const parts = raw.split("---")
-  if (parts.length < 3) {
-    throw new Error("Raven.md missing frontmatter (--- delimiters)")
-  }
-  return { frontmatter: parseYaml(parts[1]), prompt: parts.slice(2).join("---").trim() }
-}
-
-// ── Minimal YAML parser (handles the structure used in Raven.md) ──
-function parseYaml(yaml: string): Record<string, any> {
-  const lines = yaml.split("\n")
-  const root: Record<string, any> = {}
-  const stack: Array<{ obj: Record<string, any>; indent: number }> = [
-    { obj: root, indent: -1 },
-  ]
-
-  for (const rawLine of lines) {
-    const line = rawLine.trimEnd()
-    if (!line.trim() || line.trim().startsWith("#")) continue
-
-    const indent = line.search(/\S/)
-    const colonIdx = line.indexOf(":")
-    if (colonIdx === -1) continue
-
-    const rawKey = line.slice(indent, colonIdx).trim()
-    const key =
-      (rawKey.startsWith('"') && rawKey.endsWith('"')) ||
-      (rawKey.startsWith("'") && rawKey.endsWith("'"))
-        ? rawKey.slice(1, -1)
-        : rawKey
-
-    const rawValue = line.slice(colonIdx + 1).trim()
-
-    while (stack.length > 1 && stack[stack.length - 1].indent >= indent) {
-      stack.pop()
-    }
-    const current = stack[stack.length - 1].obj
-
-    if (!rawValue) {
-      const nested: Record<string, any> = {}
-      current[key] = nested
-      stack.push({ obj: nested, indent })
-    } else {
-      let value: any = rawValue
-      if (
-        (value.startsWith('"') && value.endsWith('"')) ||
-        (value.startsWith("'") && value.endsWith("'"))
-      ) {
-        value = value.slice(1, -1)
-      } else if (value === "true") {
-        value = true
-      } else if (value === "false") {
-        value = false
-      }
-      current[key] = value
-    }
-  }
-
-  return root
-}
-
-// ── Move unknown frontmatter fields into options ──
-const KNOWN_KEYS = new Set([
-  "description", "mode", "hidden", "model", "permission",
-  "prompt", "name", "color", "steps", "disable",
-  "temperature", "top_p", "variant",
-])
-
-function extractOptions(fm: Record<string, any>): Record<string, any> {
-  const options: Record<string, any> = {}
-  for (const key of Object.keys(fm)) {
-    if (!KNOWN_KEYS.has(key)) options[key] = fm[key]
-  }
-  return options
-}
-
-// ── Plugin ──
-export default ((input: PluginInput) => {
-  // Config file lives in the project directory (next to opencode.jsonc)
-  const configFile = join(input.directory, "raven-config.json")
-
-  function loadConfig(): RavenConfig {
-    try {
-      if (existsSync(configFile)) {
-        const raw = JSON.parse(readFileSync(configFile, "utf-8"))
-        return {
-          enabled: raw.enabled !== false,
-          model: raw.model,
-        }
-      }
-    } catch { /* ignore corruption, use defaults */ }
-    return { ...DEFAULT_CONFIG }
-  }
-
-  function saveConfig(config: RavenConfig) {
-    try {
-      writeFileSync(configFile, JSON.stringify(config, null, 2) + "\n")
-    } catch { /* non-fatal: config won't persist but toggle still works in-session */ }
-  }
-
-  let config = loadConfig()
-  const ravenSessions = new Set<string>()
-
-  return {
-    config(configInput: any) {
-      // MCP servers
-      configInput.mcp = configInput.mcp || {}
-      configInput.mcp.context7 = {
-        type: "remote", url: "https://mcp.context7.com/mcp", enabled: true,
-      }
-      configInput.mcp.exa = {
-        type: "remote", url: "https://mcp.exa.ai/mcp", enabled: true,
-      }
-      configInput.mcp.grep_app = {
-        type: "remote", url: "https://mcp.grep.app", enabled: true,
-      }
-
-      // Inject MCP guidance as a startup instruction file (absolute path for npm compat)
-      configInput.instructions = configInput.instructions || []
-      if (!configInput.instructions.includes(MCP_GUIDANCE_MD)) {
-        configInput.instructions.push(MCP_GUIDANCE_MD)
-      }
-
-      // Register Raven from Raven.md, with config file overrides
-      configInput.agent = configInput.agent || {}
-      configInput.agent.raven = {
-        description: fm.description || "",
-        mode: fm.mode || "subagent",
-        hidden: fm.hidden !== undefined ? fm.hidden : false,
-        model: config.model || fm.model,
-        options: extractOptions(fm),
-        permission: fm.permission || {},
-        prompt: ravenPrompt,
-      }
-
-      // Register /raven command
-      configInput.command = configInput.command || {}
-      if (!configInput.command.raven) {
-        configInput.command.raven = {
-          template: "Manage Raven: /raven on|off|model <name>|status",
-          description: "Toggle search interception or change Raven's model",
-        }
-      }
-    },
-
-    // Track Raven sessions so we don't block its own tools
-    "chat.message"(input: any, _output: any) {
-      if (input.agent === "raven") {
-        ravenSessions.add(input.sessionID)
-      }
-    },
-
-    // /raven on|off|model <name>|status
-    "command.execute.before"(input: any, output: any) {
-      if (input.command !== "raven") return
-      output.parts.length = 0
-      const raw = input.arguments.trim()
-      const arg = raw.toLowerCase()
-
-      if (arg === "on") {
-        config.enabled = true
-        saveConfig(config)
-        output.parts.push({ type: "text", text: "Raven search interception enabled. Non-Raven agents will be redirected to @raven for search tools." })
-      } else if (arg === "off") {
-        config.enabled = false
-        saveConfig(config)
-        output.parts.push({ type: "text", text: "Raven search interception disabled. All agents can use search tools directly." })
-      } else if (arg.startsWith("model ")) {
-        const model = raw.slice(6).trim()
-        if (!model) {
-          output.parts.push({ type: "text", text: `Usage: /raven model <name>\nCurrent model: ${config.model || fm.model || "(default)"}` })
-        } else {
-          config.model = model
-          saveConfig(config)
-          output.parts.push({ type: "text", text: `Raven model set to: ${model}\nRestart opencode for the change to take effect.` })
-        }
-      } else {
-        const enabled = config.enabled ? "enabled" : "disabled"
-        const model = config.model || fm.model || "(default)"
-        output.parts.push({ type: "text", text: `Raven is ${enabled}. Model: ${model}\n\nCommands:\n  /raven on      — enable search interception\n  /raven off     — disable search interception\n  /raven model <name> — change Raven's model (requires restart)` })
-      }
-    },
-
-    "tool.execute.before"(input: any, output: any) {
-      if (!config.enabled) return
-      if (!SEARCH_TOOLS.includes(input.tool)) return
-      if (ravenSessions.has(input.sessionID)) return
-      // Break args to prevent actual API calls
-      const args = output.args || {}
-      if ("query" in args) args.query = ""
-      output.args = { ...output.args, ...args }
-    },
-
-    "tool.execute.after"(input: any, output: any) {
-      if (!config.enabled) return
-      if (!SEARCH_TOOLS.includes(input.tool)) return
-      if (ravenSessions.has(input.sessionID)) return
-      const msg =
-        "This tool is disabled. Delegate to Raven instead: use the task tool with subagent_type=\"raven\"."
-      output.output = msg
-      const raw = output as any
-      if (raw.content?.[0]?.text) raw.content[0].text = msg
-    },
-  }
+import type { Plugin, PluginInput } from "@opencode-ai/plugin"
+import { tool } from "@opencode-ai/plugin"
+import { readFileSync, writeFileSync, existsSync } from "node:fs"
+import { join } from "node:path"
+
+// ── Resolve paths relative to this package (works in node_modules/) ──
+const PKG_DIR = import.meta.dirname!
+
+const RAVEN_MD = join(PKG_DIR, "Raven.md")
+const MCP_GUIDANCE_MD = join(PKG_DIR, "mcp-guidance.md")
+
+// ── Search tools that should be intercepted for non-Raven agents ──
+const SEARCH_TOOLS = [
+  // Built-in tools
+  "grep",
+  "glob",
+  // WebSearch MCP
+  "websearch_web_search_exa",
+  // Context7 MCP
+  "context7_resolve-library-id",
+  "context7_query-docs",
+  // Exa AI MCP
+  "exa_web_search_exa",
+  "exa_web_fetch_exa",
+  "exa_web_search_advanced_exa",
+  "exa_company_research_exa",
+  "exa_crawling_exa",
+  "exa_people_search_exa",
+  "exa_linkedin_search_exa",
+  "exa_get_code_context_exa",
+  "exa_deep_researcher_start",
+  "exa_deep_researcher_check",
+  "exa_deep_search_exa",
+  // Grep.app MCP
+  "grep_app_searchGitHub",
+]
+
+// ── Bash commands that look like search workarounds ──
+const SEARCH_BASH_RE = /\b(rg|ripgrep|grep|egrep|fgrep|git\s+grep|ack|ag\b|findstr|Select-String|Get-ChildItem|gci\b|dir\b\s+[/-][sS]|ls\b\s+-[rR]|find\b\s+.*-name|find\b\s+.*-type)\b/
+
+function isSearchBash(tool: string, args: any): boolean {
+  if (tool !== "bash") return false
+  const cmd = String(args?.command ?? "")
+  const desc = String(args?.description ?? "")
+  return SEARCH_BASH_RE.test(cmd) || SEARCH_BASH_RE.test(desc)
+}
+
+// ── Config file shape ──
+interface RavenConfig {
+  enabled: boolean
+  model?: string
+}
+
+const DEFAULT_CONFIG: RavenConfig = { enabled: true }
+
+// ── Parse Raven.md frontmatter ──
+const ravenMd = readFileSync(RAVEN_MD, "utf-8")
+const { frontmatter: fm, prompt: ravenPrompt } = parseRavenMd(ravenMd)
+
+function parseRavenMd(raw: string): { frontmatter: Record<string, any>; prompt: string } {
+  const parts = raw.split("---")
+  if (parts.length < 3) {
+    throw new Error("Raven.md missing frontmatter (--- delimiters)")
+  }
+  return { frontmatter: parseYaml(parts[1]), prompt: parts.slice(2).join("---").trim() }
+}
+
+// ── Minimal YAML parser (handles the structure used in Raven.md) ──
+function parseYaml(yaml: string): Record<string, any> {
+  const lines = yaml.split("\n")
+  const root: Record<string, any> = {}
+  const stack: Array<{ obj: Record<string, any>; indent: number }> = [
+    { obj: root, indent: -1 },
+  ]
+
+  for (const rawLine of lines) {
+    const line = rawLine.trimEnd()
+    if (!line.trim() || line.trim().startsWith("#")) continue
+
+    const indent = line.search(/\S/)
+    const colonIdx = line.indexOf(":")
+    if (colonIdx === -1) continue
+
+    const rawKey = line.slice(indent, colonIdx).trim()
+    const key =
+      (rawKey.startsWith('"') && rawKey.endsWith('"')) ||
+      (rawKey.startsWith("'") && rawKey.endsWith("'"))
+        ? rawKey.slice(1, -1)
+        : rawKey
+
+    const rawValue = line.slice(colonIdx + 1).trim()
+
+    while (stack.length > 1 && stack[stack.length - 1].indent >= indent) {
+      stack.pop()
+    }
+    const current = stack[stack.length - 1].obj
+
+    if (!rawValue) {
+      const nested: Record<string, any> = {}
+      current[key] = nested
+      stack.push({ obj: nested, indent })
+    } else {
+      let value: any = rawValue
+      if (
+        (value.startsWith('"') && value.endsWith('"')) ||
+        (value.startsWith("'") && value.endsWith("'"))
+      ) {
+        value = value.slice(1, -1)
+      } else if (value === "true") {
+        value = true
+      } else if (value === "false") {
+        value = false
+      }
+      current[key] = value
+    }
+  }
+
+  return root
+}
+
+// ── Move unknown frontmatter fields into options ──
+const KNOWN_KEYS = new Set([
+  "description", "mode", "hidden", "model", "permission",
+  "prompt", "name", "color", "steps", "disable",
+  "temperature", "top_p", "variant",
+])
+
+function extractOptions(fm: Record<string, any>): Record<string, any> {
+  const options: Record<string, any> = {}
+  for (const key of Object.keys(fm)) {
+    if (!KNOWN_KEYS.has(key)) options[key] = fm[key]
+  }
+  return options
+}
+
+// ── Plugin ──
+export default ((input: PluginInput) => {
+  const client = input.client
+
+  // Config file lives in the project directory (next to opencode.jsonc)
+  const configFile = join(input.directory, "raven-config.json")
+
+  function loadConfig(): RavenConfig {
+    try {
+      if (existsSync(configFile)) {
+        const raw = JSON.parse(readFileSync(configFile, "utf-8"))
+        return {
+          enabled: raw.enabled !== false,
+          model: raw.model,
+        }
+      }
+    } catch { /* ignore corruption, use defaults */ }
+    return { ...DEFAULT_CONFIG }
+  }
+
+  function saveConfig(config: RavenConfig) {
+    try {
+      writeFileSync(configFile, JSON.stringify(config, null, 2) + "\n")
+    } catch { /* non-fatal: config won't persist but toggle still works in-session */ }
+  }
+
+  let config = loadConfig()
+  const ravenSessions = new Set<string>()
+
+  return {
+    config(configInput: any) {
+      // MCP servers
+      configInput.mcp = configInput.mcp || {}
+      configInput.mcp.context7 = {
+        type: "remote", url: "https://mcp.context7.com/mcp", enabled: true,
+      }
+      configInput.mcp.exa = {
+        type: "remote", url: "https://mcp.exa.ai/mcp", enabled: true,
+      }
+      configInput.mcp.grep_app = {
+        type: "remote", url: "https://mcp.grep.app", enabled: true,
+      }
+
+      // Inject MCP guidance as a startup instruction file (absolute path for npm compat)
+      configInput.instructions = configInput.instructions || []
+      if (!configInput.instructions.includes(MCP_GUIDANCE_MD)) {
+        configInput.instructions.push(MCP_GUIDANCE_MD)
+      }
+
+      // Register Raven from Raven.md, with config file overrides
+      configInput.agent = configInput.agent || {}
+      configInput.agent.raven = {
+        description: fm.description || "",
+        mode: fm.mode || "subagent",
+        hidden: fm.hidden !== undefined ? fm.hidden : false,
+        model: config.model || fm.model,
+        options: extractOptions(fm),
+        permission: fm.permission || {},
+        prompt: ravenPrompt,
+      }
+
+      // Register /raven command
+      configInput.command = configInput.command || {}
+      if (!configInput.command.raven) {
+        configInput.command.raven = {
+          template: "Manage Raven: /raven on|off|model <name>|status",
+          description: "Toggle search interception or change Raven's model",
+        }
+      }
+    },
+
+    // Register raven_seek tool — lets agents with task:false still search through Raven
+    tool: {
+      "raven_seek": tool({
+        description: "Fallback search tool — use only when task delegation to Raven (subagent_type=\"raven\") is unavailable. Raven has access to Context7, Exa AI, and Grep.app for web search, docs lookup, and GitHub examples.",
+        args: {
+          query: tool.schema.string().describe("What to search for — be specific about what you need (docs, code examples, web info, etc.)"),
+        },
+        async execute(args, context) {
+          try {
+            // Create a Raven session
+            const session = await client.session.create({
+              body: { title: `raven_seek: ${args.query.slice(0, 80)}` },
+            })
+
+            const sessionId = (session as any)?.data?.id ?? (session as any)?.id
+            if (!sessionId) {
+              return { title: "Raven Seek", output: "Failed to create Raven session." }
+            }
+
+            // Send the query to Raven
+            const result = await client.session.prompt({
+              path: { id: sessionId },
+              body: {
+                agent: "raven",
+                parts: [{ type: "text", text: args.query }],
+              },
+            })
+
+            // Extract text from the response
+            const parts = (result as any)?.data?.parts ?? []
+            const textParts = parts
+              .filter((p: any) => p.type === "text" && p.text)
+              .map((p: any) => p.text)
+            const output = textParts.join("\n") || "Raven returned no results."
+
+            // Clean up the session
+            try {
+              await client.session.delete({ path: { id: sessionId } })
+            } catch { /* non-fatal */ }
+
+            return { title: "Raven Seek", output }
+          } catch (err: any) {
+            return { title: "Raven Seek", output: `Raven search failed: ${err.message || err}` }
+          }
+        },
+      }),
+    },
+
+    // Track Raven sessions so we don't block its own tools
+    "chat.message"(input: any, _output: any) {
+      if (input.agent === "raven") {
+        ravenSessions.add(input.sessionID)
+      }
+    },
+
+    // /raven on|off|model <name>|status
+    "command.execute.before"(input: any, output: any) {
+      if (input.command !== "raven") return
+      output.parts.length = 0
+      const raw = input.arguments.trim()
+      const arg = raw.toLowerCase()
+
+      if (arg === "on") {
+        config.enabled = true
+        saveConfig(config)
+        output.parts.push({ type: "text", text: "Raven search interception enabled. Non-Raven agents will be redirected to @raven for search tools." })
+      } else if (arg === "off") {
+        config.enabled = false
+        saveConfig(config)
+        output.parts.push({ type: "text", text: "Raven search interception disabled. All agents can use search tools directly." })
+      } else if (arg.startsWith("model ")) {
+        const model = raw.slice(6).trim()
+        if (!model) {
+          output.parts.push({ type: "text", text: `Usage: /raven model <name>\nCurrent model: ${config.model || fm.model || "(default)"}` })
+        } else {
+          config.model = model
+          saveConfig(config)
+          output.parts.push({ type: "text", text: `Raven model set to: ${model}\nRestart opencode for the change to take effect.` })
+        }
+      } else {
+        const enabled = config.enabled ? "enabled" : "disabled"
+        const model = config.model || fm.model || "(default)"
+        output.parts.push({ type: "text", text: `Raven is ${enabled}. Model: ${model}\n\nCommands:\n  /raven on      — enable search interception\n  /raven off     — disable search interception\n  /raven model <name> — change Raven's model (requires restart)` })
+      }
+    },
+
+    "tool.execute.before"(input: any, output: any) {
+      if (!config.enabled) return
+      if (ravenSessions.has(input.sessionID)) return
+
+      const isSearchTool = SEARCH_TOOLS.includes(input.tool)
+      const isSearchBashCmd = isSearchBash(input.tool, output.args || input.args)
+
+      if (!isSearchTool && !isSearchBashCmd) return
+
+      throw new Error(
+        "Search tool disabled — delegate to Raven via the task tool (subagent_type=\"raven\")"
+      )
+    },
+
+    "tool.execute.after"(input: any, output: any) {
+      if (!config.enabled) return
+      if (ravenSessions.has(input.sessionID)) return
+
+      const isSearchTool = SEARCH_TOOLS.includes(input.tool)
+      const isSearchBashCmd = isSearchBash(input.tool, input.args || output.args)
+
+      if (!isSearchTool && !isSearchBashCmd) return
+
+      const msg = "Search tool disabled — delegate to Raven via the task tool (subagent_type=\"raven\")"
+      output.output = msg
+      try {
+        const raw = output as any
+        if (raw.content?.[0]?.text) raw.content[0].text = msg
+      } catch {}
+    },
+  }
 }) satisfies Plugin

package/mcp-guidance.md

@@ -1,5 +1,9 @@
-## MCP usage guidance — delegate to Raven (subagent_type="raven") for these:
-
-- Context7: use when implementing, configuring, or debugging code that depends on a library, framework, SDK, package, or API. Prefer over memory when docs may be version-specific or recently changed.
-- Exa AI: use for live web search, current information, company/product research, reading webpages, comparing tools, and broad external research. Use when the answer depends on recent updates, pricing, docs pages, releases, or online sources.
-- Grep.app: use for searching public GitHub code examples, real-world usage patterns, config examples, and how other projects structure similar code. Use when docs are unclear or when implementation examples would help.
+## MCP usage guidance — delegate to Raven (subagent_type="raven") for these:
+
+- Context7: use when implementing, configuring, or debugging code that depends on a library, framework, SDK, package, or API. Prefer over memory when docs may be version-specific or recently changed.
+- Exa AI: use for live web search, current information, company/product research, reading webpages, comparing tools, and broad external research. Use when the answer depends on recent updates, pricing, docs pages, releases, or online sources.
+- Grep.app: use for searching public GitHub code examples, real-world usage patterns, config examples, and how other projects structure similar code. Use when docs are unclear or when implementation examples would help.
+
+## Built-in search tools (grep, glob, search-like bash) are blocked and routed to Raven automatically.
+
+If task delegation is unavailable, use the raven_seek tool as a fallback.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-raven",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "Search-first subagent for opencode — intercepts search tools and routes them to a dedicated @raven agent with Context7, Exa AI, and Grep.app MCPs",
   "main": "./index.ts",
   "exports": {