opencode-mcp
opencode-mcp is an MCP server that bridges MCP clients (via stdio) to the OpenCode headless API over HTTP. It auto-starts an OpenCode server when needed and exposes 79 tools, 10 resources, and 6 prompts for delegating coding, debugging, and project/session operations.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
TLS is not explicitly enforced here; default OPENCODE_BASE_URL uses http://127.0.0.1:4096 (may still be safe locally but is not evidence of HTTPS). Authentication is optional via HTTP basic auth; no fine-grained scopes described at this MCP layer. The bridge can start/drive code execution/workflows via OpenCode, so treat it as high-privilege automation—ensure the OpenCode server is secured and limit who/what can connect to the MCP stdio process.
⚡ Reliability
Best When
You have an MCP-capable coding assistant and want one consistent tool surface to control OpenCode sessions across multiple projects/directories.
Avoid When
You cannot control or secure access to the local OpenCode server / auto-start process, or you need explicit, documented rate limit and retry/idempotency semantics for safe automation.
Use Cases
- • Delegating coding tasks (implement features, refactor, debugging) to OpenCode from an MCP-capable AI client
- • Running multi-step session workflows (create session, run tasks, poll/check status, review diffs)
- • Using MCP resources to read project/config/provider/health/session state
Not For
- • Directly serving end-user web/API traffic (it is an MCP bridge for AI tools)
- • Use cases requiring strict data residency/compliance guarantees not documented here
- • Environments where starting background processes automatically (auto-serve) is disallowed
Interface
Authentication
Authentication described pertains to the OpenCode server URL used by this bridge (optional HTTP basic auth when OPENCODE_SERVER_PASSWORD is set). No OAuth flows/scopes are described for this MCP layer itself.
Pricing
Pricing not described in the provided README/content; OpenCode provider costs would likely apply but are not stated here.
Agent Metadata
Known Gotchas
- ⚠ Auto-start behavior: the server may start opencode serve automatically if not running (OPENCODE_AUTO_SERVE=true by default), which can be surprising in locked-down environments.
- ⚠ Stateful sessions: prefer workflow tools (setup/run/wait/check) to maintain consistent session state; mixing fire/run/reply without sessionId tracking can lead to confusing outcomes.
- ⚠ Directory targeting: tools accept an optional directory for multi-project support; ensure the correct path is provided to avoid modifying the wrong project.
- ⚠ Error semantics: no explicit standardized error codes/retry guidance described in the provided content; agents should be prepared for upstream HTTP/API errors from OpenCode.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for opencode-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.