Over the last few weeks I've been working on HEXZ, an upgrade layer for OpenCode that adds security tooling, project memory, MCP integration, design scaffolding, web search workflows, and stricter AI output enforcement.
The project is still in active testing and bug hunting, but it's already usable enough to share with the community and gather feedback.
Why I Started Building It
Most coding assistants are good at generating code.
The problem starts after generation.
They often:
- Skip research
- Miss security issues
- Forget project context
- Produce repetitive AI-style writing
- Make destructive changes without validation
- Have limited access to external tools and workflows
I wanted something that behaves more like an engineering workflow than a chatbot.
The goal of HEXZ is simple:
Research first. Plan before execution. Simulate risky actions. Scan before shipping.
What HEXZ Adds to OpenCode
Anti-Slop Engine
One thing that annoys me when using AI tools is the amount of repetitive filler language.
HEXZ enforces stricter technical writing by detecting and discouraging common AI-tell patterns.
Examples include:
- Overused buzzwords
- Repetitive sentence structures
- Generic marketing language
- Unnecessary filler phrases
The objective isn't to make responses sound human.
The objective is to make responses more useful.
Security Toolkit
Security was one of the largest areas I wanted to improve.
HEXZ currently includes:
- 769+ cybersecurity skills
- MITRE ATT&CK mappings
- NIST CSF 2.0 mappings
- OWASP Top 10 coverage
- Vulnerability scanning workflows
- Threat hunting references
- Forensics and malware analysis resources
Domains currently covered include:
- Recon & OSINT
- Web Security
- Cloud Security
- Incident Response
- Threat Hunting
- Malware Analysis
- Network Security
- Red Team Operations
- Blue Team Defense
The idea is not to replace dedicated security tools.
It's to give the AI assistant enough context to reason about security during development.
MCP Support
HEXZ can connect to Model Context Protocol (MCP) servers.
This allows OpenCode to interact with:
- Databases
- Filesystems
- APIs
- External services
Instead of hardcoding integrations, the assistant can discover and use tools dynamically through MCP.
Persistent Memory
One frustration with many AI coding sessions is that context disappears after restart.
HEXZ adds persistent memory for:
- Project context
- Session summaries
- Preferences
- Model routing settings
This allows workflows to survive across multiple sessions.
Design Scaffold Generator
Sometimes you need a quick UI direction before implementation.
HEXZ includes a design scaffold system with:
- 150+ design systems
- 100+ templates
- HTML/CSS mockup generation
The goal isn't pixel-perfect design.
It's faster prototyping and idea validation.
Web Search Before Code
A rule I keep returning to:
Research before implementation.
HEXZ can enforce a workflow where web search happens before code generation.
That sounds simple, but it prevents a surprising number of outdated assumptions and hallucinated implementations.
Workflow Philosophy
HEXZ follows a structured pipeline:
RESEARCH
↓
PLAN
↓
SIMULATE
↓
BUILD
↓
SCAN
↓
REVIEW
For destructive operations, a simulation step is required first.
The objective is reducing avoidable mistakes rather than maximizing generation speed.
Current Status
The project is not production-ready yet.
Current focus:
- Testing
- Bug hunting
- Stability improvements
- Performance tuning
- Edge-case validation
Some features work well already, while others still need refinement.
This is exactly why I'm sharing it early.
Looking for Feedback
I'm particularly interested in feedback around:
- OpenCode plugin architecture
- MCP workflows
- Security scanning logic
- Model routing strategies
- Memory design
- Developer experience
If you've built similar tooling, I'd love to hear what worked, what failed, and what you'd do differently.
The repository is open source, and contributions are welcome.
GitHub:
HexZoNetwork
/
opencode-hexz
simple plugin that will make your model smarter
HEXZ
OpenCode & MiMo Code Upgrade Layer
A plugin for OpenCode, MiMo Code, Claude Code, and OpenAI Codex — anti-slop enforcement, 769+ cybersecurity skills, design scaffolding, web search, OCR, screenshots, MCP, persistent memory, and PR automation
Important
Claude Code and Codex support is untested and experimental. OpenCode remains the primary target — contributions welcome.
Warning
Recommended for Linux. Windows support via install.bat is experimental — contributions welcome.
Contents
- Features
- Installation
- Usage
- Model Routing
- Cybersecurity Suite
- Build Workflow
- Anti-Slop Rules
- Configuration
- Development
- Uninstall
- Security
Features
Anti-Slop Engine
Banned filler words (delve, leverage, robust, etc.), forced technical writing, varied sentence structure
Cybersecurity Suite
769+ skills across 15 domains with MITRE ATT&CK, NIST CSF 2.0, and OWASP Top 10 mappings
Design Scaffold
HTML/CSS mockups across 150+ design systems and 109+ templates
Web Search
DuckDuckGo integration — called before writing code
Image OCR
Text extraction from screenshots, errors, diagrams via tesseract.js
Web
I'm planning to keep building this in public and posting updates as the project evolves.
Preview:
Model: deepseek v4 flash free+ Hexz plugin
First prompt: Build me a porotofolio web at ./test based on .
Second prompt: update this folder
Model: deepseek v4 pro without hexz
The prompt is about 1.2k line leght so i cant paste it here




Top comments (0)