Installation
opencode.json:
.env in your project root to catch exact secret values wherever they appear.
Requires Node.js 18+ and depends on the
rehydra SDK package (installed automatically).Configuration
For custom settings, create.opencode/plugins/rehydra.ts:
Options
What Gets Detected
The plugin uses Rehydra’s full detection suite automatically — no configuration needed. Structured PII — detected via pattern matching:- Emails, phone numbers, credit card numbers
- IBANs, BIC/SWIFT codes, account numbers
- IP addresses, URLs (disabled by default — set
disableTypes: []to enable) - Tax IDs, national IDs
- API keys (OpenAI, Anthropic, GitHub, Stripe, Slack, and others)
- JWTs, private keys (PEM), connection strings
- AWS access keys and secret keys
- Secret values in
.envfiles and JSON/YAML/TOML configs
- Names, organizations, locations, addresses
- Exact values from
.envfiles (matched anywhere in text) - Explicit values passed via
redactValues
How It Works
The plugin uses five OpenCode hooks — everything runs locally and no data leaves your machine except the scrubbed conversation sent to the LLM provider.Session Handling
Each OpenCode session gets its own Rehydra session. PII mappings are consistent within a session — the same secret always maps to the same placeholder, so the LLM can reason about relationships between values without seeing the real data.Tool Argument Rehydration
When the LLM generates a tool call (e.g., a shell command containing a placeholder), the plugin deep-walks all argument values and restores real secrets before execution. This means commands likegit push, curl, or zwrm secrets set receive the actual credential values.
OpenCode’s
tool.execute.before hook passes args by reference — the plugin mutates args in-place rather than replacing the object, which is required for the rehydrated values to take effect.Logging
Plugin activity is logged to OpenCode’s log directory (~/.local/share/opencode/log/). Run OpenCode with --log-level DEBUG for detailed output.
Custom Tag Format
UsetagFormat to change placeholder delimiters, for example when XML-style tags interfere with your workflow:
[[PII type="EMAIL" id="1"]] instead of <PII type="EMAIL" id="1"/>.
Advanced: Full Anonymizer Config
For full control, pass ananonymizer config directly. This overrides envFiles, redactValues, and minValueLength:
createAnonymizer API reference for all available options.
Next Steps
PII Types
See all PII types Rehydra can detect
LLM Proxy
Anonymize API calls in server-side workflows