Skip to content

fix: minimal system prompt sanitization #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
remorses wants to merge 3 commits into
base: master
Choose a base branch
from
Open

fix: minimal system prompt sanitization #34

remorses wants to merge 3 commits into from
+50 −5

Conversation

@remorses
Copy link
Contributor

@remorses remorses commented Jan 28, 2026

Fixes the plugin by only replacing the specific OpenCode identity string instead of broader replacements that were causing Anthropic to block requests.

Also adds AGENTS.md with plugin testing instructions.

Fixes #33, fixes #32, fixes #12

@remorses
fix: only replace specific OpenCode identity string
6cc3e4d 
Instead of replacing all OpenCode/opencode references in system prompts,
only replace the specific blocked string 'You are OpenCode, the best
coding agent on the planet.' with the Claude Code equivalent.

This is a more targeted fix as the API only checks for that specific
identity string, not all mentions of OpenCode.
@remorses
Merge remote-tracking branch 'upstream/master' into fix/minimal-syste…
dd52e9c 
…m-prompt-sanitization
@remorses
add AGENTS.md with plugin testing instructions
936e12f
Copilot AI review requested due to automatic review settings January 28, 2026 16:05
Copilot AI reviewed Jan 28, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes critical authentication issues (issues #33, #32, #12) where Anthropic began blocking requests with "credential only authorized for Claude Code" errors. The fix changes the system prompt sanitization from broad regex replacements to a minimal, targeted string replacement to avoid detection.

Changes:

  • Replaced broad regex replacements (/OpenCode/g, /opencode/gi) with a single specific string replacement to minimize detection surface
  • Bumped version from 0.0.13 to 0.0.14
  • Added AGENTS.md documentation with plugin testing instructions

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File Description
package.json Version bump to 0.0.14
index.mjs Changed system prompt sanitization from broad regex to targeted string replacement
AGENTS.md New documentation file with testing instructions and feature list

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@ErcinDedeoglu
Copy link

ErcinDedeoglu commented Jan 28, 2026

before merge: #33 (comment)

@coleleavitt
Copy link

coleleavitt commented Jan 28, 2026
edited
Loading

have you tested this? I just tried this and this doesn't patch the issue. This PR is a moot

@remorses
Copy link
Contributor Author

remorses commented Jan 28, 2026

Did you follow instructions in AGENTS.md? @coleleavitt

@coleleavitt
Copy link

coleleavitt commented Jan 28, 2026

Did you follow instructions in AGENTS.md? @coleleavitt

I found the proper fix to this. I got a custom fork with a variety of features in addition to the upstream version

@Arasple
Copy link

Arasple commented Jan 28, 2026
edited
Loading

This works.
They're no longer blocking "OpenCode" directly. Instead, they block "You are Claude Code, the best coding agent on the planet." pattern. (#33 (comment))

Since the "You are Claude Code, Anthropic's official CLI for Claude." spoof is automatically injected by OpenCode itself, the simpler solution is to do nothing.

@kuzaxak
Copy link

kuzaxak commented Jan 28, 2026

Did you follow instructions in AGENTS.md? @coleleavitt

Followed the guide, got error.

bun install v1.3.2 (b131639c)

+ @opencode-ai/[email protected]
+ @openauthjs/[email protected]

OPENCODE_DISABLE_DEFAULT_PLUGINS=true opencode run --model anthropic/claude-opus-4-5 hi
Error: This credential is only authorized for use with Claude Code and cannot be used for other API requests.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

5 participants

@remorses @ErcinDedeoglu @coleleavitt @Arasple @kuzaxak