I don't find a closed-source Chinese agent system trustworthy.
It is essentially a black box with full user permissions, meaning you are just handing over your entire system to a Chinese-owned server. With OpenCode and its GLM provider, at least I can monitor which files were read, which were edited, and what commands were executed.
Not to mention that Chinese national security laws legally obligate companies to cooperate with state intelligence and counter-espionage efforts [0]. If you have this installed on a corporate workstation, and your company is large enough, the possibility of them spying on you is not just a risk—it's almost a certainty.
[0]: https://en.wikipedia.org/wiki/National_Intelligence_Law_of_t...
At least the model weights are open, I’m not American, so to me this is much more trustworthy in every possible way. You’re talking as if US intelligence are the good guys, and to me at least, they are not to any extent.
This is exactly the same with providers from the USA.
That's why I like to use Reasonix with Deepseek. Hitting cache makes requests basically free and that's through unsubsidized American providers like Digital Ocean or cloudflare.
You can always run it in bwrap or rootless podman.
In a sense it's a clean reminder that all these, especially non-local, llm tools should NEVER run outside a container. I'm currently looking at z-jail specifically for these scenarios; VMs are too heavy & expose too many sec issues of their own for continual integrated use in my case.
Run it in a container under Opencode. It works great, and I even upgraded to their pro plan (~$60/month). If you want it in a container, there's info in my profile under my projects. That code is entirely open source, and it's there simply because I built what I needed for my own work. I'm sure there a zillion other ways to do it. However, I highly advise against running any agent on bare metal, regardless of the company's country of origin. My thesis addresses this directly and repeatedly.
By the way, some pedant recently asked why anyone would run software with only a few stars. My thoughts on that are minimal: people can practice whatever slop logic they want. I've architected and built systems that handled tens of thousands of users. I'm not fucking around. The way I build isn't typical, and I don't suggest anyone try to mimic my approach, but it works for me and the way my mind processes complex systems.
To the peanut gallery: use it or don't, but don't give me a hard time unless you're ready to get one back. I've made plenty of mistakes in my career, and accountability is a crucial part of growth. I'm more than willing to work with anyone using my code, provided they bring valid, substantial criticism to the table.
yes but the americans are also doing it, and i don’t really work on anything worth spying on
NSA can also legally force companies to spy. Secret spy courts and gag orders are a thing.
Actually there are more such cases against the USA than China in public.
I'm in the US. The benefit of the Chinese spying on me vs a US company is the Chinese can't come to my door and take me to jail.
As someone who loves using OpenCode w/ local Chinese open source models, this is basically my take on this as well. There's no way I would ever put a piece of proprietary Chinese software that gets full system control on anything important. This is definitely something I would only ever run sandboxed in a lab environment for toy projects, not for serious work. I feel only marginally better about Codex/Claude Code, hence my strong preference for local LLMs w/ OpenCode, but a proprietary approach to Chinese models is a hard no from me dawg.
so basically no worse than europe or usa, but they are just more open about it
> It is essentially a black box with full user permissions,
You mean, like Windows and Android?
I agree. I don't find the US competitors trustworthy either. I think open source is the way here.