Changed

• Context unit formatting — context estimates now switch from K to M after one million tokens for easier reading.
• Loaded-only MCP guidance — autogenerated on-demand MCP guidance now includes only successfully loaded MCPs, keeping failed or pending servers out of main-agent instructions.
• Startup guidance refresh — Raven now preserves existing autogenerated on-demand MCP guidance during startup and rewrites it only after MCP health checks update.

Added

• On-Demand MCPs — Raven can now connect to MCP servers from onDemandMcpServers internally through Raven-only raven_mcp, keeping full MCP schemas out of the main OpenCode session.
• Remote and stdio MCP support — on-demand MCPs support remote HTTP/SSE servers and local stdio servers.
• On-demand MCP metadata — Raven fills missing autoGeneratedDescription and autoGeneratedTools, with /raven mcp refresh [server] and /raven mcp detail full|minimized commands.
• Avoided MCP schema stats — /raven stats now shows Avoided MCP schema load separately from delegated session and all-time savings.
• MCP failure notifications — Raven shows a warning toast after startup or manual refresh when on-demand MCPs fail to load.
• Duplicate MCP warnings — Raven warns when the same MCP server name is configured globally in OpenCode and in onDemandMcpServers.
• Help command — /raven help now lists all Raven commands.

Changed

• Bundled MCP defaults — Context7, Exa, and Grep.app now default to on-demand MCP entries instead of global OpenCode MCP injection.
• Global MCP routing — global MCPs configured in OpenCode are now auto-routed by detected server name, so routeMcpServers is no longer user-facing config.
• Raven prompt/guidance — guidance now distinguishes globally configured MCPs from on-demand MCPs and teaches Raven to use raven_mcp internally.
• Global Raven files — Raven now stores global files under ~/.config/opencode/opencode-raven/, with generated on-demand MCP metadata split out of raven-config.json into autogenerated-on-demand-mcp-metadata.json.
• Loaded-only schema stats — failed or pending on-demand MCPs no longer count toward Avoided MCP schema load.
• On-demand MCP health — /raven and /raven mcp now show loaded, failed, and pending MCPs based on current-run connection checks instead of stale generated metadata.
• Shorter status output — /raven now points to /raven help instead of printing the full command list inline.
• Clearer routing labels — /raven now distinguishes routed global MCPs from on-demand MCPs, which are always behind Raven.
• Default routed tools — websearch is routed by default because it is a built-in OpenCode search tool.

Added

• Keyword tool routing — routeToolKeywords and /raven route keyword ... route tools whose names contain a configured keyword, catching suffix-style MCP names like web_search_exa.

Changed

• Stats formula — context saved now uses a balanced estimate: final Raven session tokens minus the first assistant turn's input/cache baseline, then minus the compact answer returned. This counts tool/web/MCP result context while avoiding Raven prompt/tool-schema overhead.

Added

• Configurable tool/MCP routing — Raven can now route arbitrary tools or MCP server prefixes through raven_seek using routeTools, routeMcpServers, or /raven route ... commands.
• Bundled MCP toggle — raven-config.json now includes allowBundledMCPServers to enable or disable Raven's bundled Context7, Exa, and Grep.app MCP defaults while preserving any existing opencode.jsonc MCP settings.
• Custom Raven instructions — ravenInstructions lets users append extra Raven-only prompt guidance for custom MCPs without editing package files.

Changed

• Hard rerouting, not soft guidance — Raven is now documented and configured as a hard tool/MCP blocker-rerouter. Configured tools are blocked for non-Raven agents and must go through raven_seek.
• Generalized beyond search — Raven still defaults to search/fetch/docs/GitHub routing, but can route any MCP whose opencode tool names share a prefix.
• Config migration — default routed tools/MCP server prefixes are added to raven-config.json only when those fields are missing, so user removals stay removed.
• Bash routing visibility — search-like bash command routing is now controlled by bash in routeTools. Remove bash to allow commands like rg, Get-ChildItem -Recurse, and dir /s directly.
• Default routing cleanup — removed websearch from default routed tools/MCP prefixes. Users who need it can add it manually with /raven route tool add websearch or /raven route mcp add websearch.
• Compact reroute errors — blocked MCP/tool calls now strip null and empty args before showing the raven_seek retry hint, reducing failed-call context noise.

Fixed

• Accurate context saved stats — /raven stats now reflects actual model token usage from session.messages() (last assistant message tokens × 4), not string output length. Both raven_seek and direct @Raven use the same formula: totalSessionTokens × 4 − prompt − output.

Changed

• /raven output — now includes Raven context saved section with session and all-time totals.
• /raven stats output — renamed from "context processed" to "context saved" with clearer labeling.

Changed

• More reliable update notifications — startup update toasts are now shown from the event hook after the TUI event stream is active instead of during config loading.
• /raven default output — now shows the loaded Raven package version and npm update availability.

Fixed

• Piped bash output filters — commands like command | grep ..., command | rg ..., command | findstr ..., and command | head ... are now allowed as bounded output filters instead of being rerouted to Raven.
• Raven recursion prevention — raven_seek is denied inside the Raven agent so Raven cannot recursively call its own wrapper tool.
• Model recovery after blocked tools — blocked tool errors now provide a short direct raven_seek(query="...") next-call hint using the attempted query/args.
• Bash false positives — narrowed recursive/listing detection (ls -r, plain cmd /c dir, simple Get-ChildItem, comments, and bash descriptions no longer trigger blocking).

Changed

• Bash search detection — Raven still blocks primary discovery commands like rg "foo" ., grep -R, find . -name, dir /s, and Get-ChildItem -Recurse, but no longer treats simple pipeline filtering as a Raven-worthy search.
• Raven guidance — raven_seek is described as the primary search/fetch/inspection tool, with explicit URL and command-output inspection support.
• MCP defaults — Context7/Exa/Grep.app defaults now merge with existing user MCP config instead of overwriting custom headers, URLs, or disabled state.

Added

• /raven update — checks npm for a newer Raven version, clears opencode's cached Raven plugin package when needed, and prompts the user to restart.
• Startup update notification — Raven checks npm at startup and shows a TUI toast when an update is available.
• Config auto-migration — existing raven-config.json files are normalized on startup so newly-added default fields are populated automatically.

Changed

• Update docs — README now includes /raven update, manual bun/npm update commands, and opencode cache-clearing instructions.

Added

• Session tree visibility — Raven sessions created by raven_seek now appear in the session tree (Ctrl+X Down) via parentID linking.

Changed

• tool.execute.after — no longer a stub; now counts output bytes from direct @Raven task calls for accurate stats.

Added

• raven_seek timeout — configurable timeout (default 180s). Session kept alive on timeout for inspection. /raven timeout <seconds> command.
• Session debugger — scripts/debug-raven.ts auto-detects the latest session and shows tool calls, timing, status, and errors.

Changed

• raven_seek timing — every response includes elapsed time and token count.

Fixed

• cmd /c bypass — cmd /c dir, cmd /c findstr, cmd /c find, cmd /c where, cmd /c tree now blocked.
• raven_seek wording — tool description, reroute messages, and guidance clarify Raven handles ALL search types (local codebase, web, docs, GitHub).
• Case-insensitive bash blocking — SEARCH_BASH_RE now case-insensitive.
• Unrestricted bash for Raven — bash: allow instead of restrictive whitelist. Raven can now use dir, ls, Get-ChildItem for fast filesystem searches instead of slow glob.
• External directory access — external_directory: allow prevents silent permission-prompt hangs in raven_seek sessions.