fix(examples): scope OpenCode sample permissions

Author: serghei-dev

cmd/sortie/sample_workflow_test.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"path/filepath"
+	"slices"
 	"strings"
 	"testing"
 
@@ -342,6 +343,22 @@ func TestSampleWorkflowOpenCodeExtension(t *testing.T) {
 	if v, _ := opencodeCfg["disable_autocompact"].(bool); !v {
 		t.Error("opencode extension 'disable_autocompact' must be true")
 	}
+	allowedTools, ok := opencodeCfg["allowed_tools"].([]any)
+	if !ok {
+		t.Fatal("opencode extension missing 'allowed_tools' list")
+	}
+	gotAllowedTools := make([]string, 0, len(allowedTools))
+	for _, tool := range allowedTools {
+		name, ok := tool.(string)
+		if !ok {
+			t.Fatalf("allowed tool type = %T, want string", tool)
+		}
+		gotAllowedTools = append(gotAllowedTools, name)
+	}
+	wantAllowedTools := []string{"read", "glob", "grep", "edit", "bash"}
+	if !slices.Equal(gotAllowedTools, wantAllowedTools) {
+		t.Errorf("opencode extension allowed_tools = %v, want %v", gotAllowedTools, wantAllowedTools)
+	}
 
 	agent, ok := wf.Config["agent"].(map[string]any)
 	if !ok {

examples/WORKFLOW.opencode.md

@@ -49,6 +49,12 @@ opencode:
   model: anthropic/claude-sonnet-4-5
   dangerously_skip_permissions: true
   disable_autocompact: true
+  allowed_tools:
+    - read
+    - glob
+    - grep
+    - edit
+    - bash
 
 server:
   port: 8642
@@ -60,6 +66,9 @@ server:
      turn. Session IDs are preserved across turns, so continuation uses
      the existing session instead of starting over.
 
+     This sample also pins an explicit tool allowlist so OpenCode does
+     not fall back to its permissive default tool policy.
+
      Required env vars:
        SORTIE_JIRA_ENDPOINT  — Jira Cloud base URL (e.g. https://mycompany.atlassian.net)
        SORTIE_JIRA_API_KEY   — Jira API token