From b65735929c389b5dad5efa968194a0bfc8fec32e Mon Sep 17 00:00:00 2001
From: Hektor Misplon
Date: Fri, 13 Mar 2026 20:27:08 +0100
Subject: [PATCH] fix: prevent 'opencode' from reading SSH private keys or 'sops' secret files

---
 home/modules/ai-tools/default.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/home/modules/ai-tools/default.nix b/home/modules/ai-tools/default.nix
index 973c4b7..9f0f465 100644
--- a/home/modules/ai-tools/default.nix
+++ b/home/modules/ai-tools/default.nix
@@ -90,6 +90,17 @@ in
 external_directory = {
 "/run/secrets/" = "deny";
 "~/.config/sops/age/keys.txt" = "deny";
+"~/.ssh/id_rsa" = "deny";
+"~/.ssh/id_ed25519" = "deny";
+"~/.ssh/id_ecdsa" = "deny";
+"~/.ssh/id_dsa" = "deny";
+"/etc/ssh/ssh_host_rsa_key" = "deny";
+"/etc/ssh/ssh_host_ed25519_key" = "deny";
+"/etc/ssh/ssh_host_ecdsa_key" = "deny";
+"/etc/ssh/ssh_host_dsa_key" = "deny";
+};
+command = {
+sops = "deny";
 };
 };
 plugin = [ "@mohak34/opencode-notifier@latest" ];
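Review bot: The eight new `external_directory` entries enumerate only the default key filenames, so any private key stored under a non-default name (keys generated with `ssh-keygen -f`, hardware-backed `*_sk` keys, or per-host keys referenced from `~/.ssh/config`) is still readable, and the same gap applies to `/etc/ssh/`. The pre-existing `"/run/secrets/" = "deny";` entry on the line above the hunk suggests the matcher accepts a directory prefix; if that is the case, replacing the eight path entries with `"~/.ssh/" = "deny";` and `"/etc/ssh/" = "deny";` closes the list by construction instead of by name, and should be confirmed against opencode's permission-matching rules before relying on it. The `command = { sops = "deny"; }` block only blocks the `sops` binary itself, not the key material it would use, which is why the `keys.txt` path entry above remains the load-bearing control and is worth a one-line comment such as `# sops is denied as a command, but the age key path above is what actually protects the secrets`. The attribute set that encloses `external_directory` begins outside the hunk.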