diff --git a/docs/agents.md b/docs/agents.md
index d7d2b9c..ae25146 100644
--- a/docs/agents.md
+++ b/docs/agents.md
@@ -45,18 +45,21 @@ We provide these template for guardrailing CLI coding agents:
 
 You can use it like `fence -t code -- claude`.
 
-However, not all coding agent CLIs work with Fence at the moment.
-
 | Agent | Works with template | Notes |
 |-------|--------| ----- |
 | Claude Code | `code` | - |
-| Codex | `code` | |
+| Codex | `code` | - |
 | Cursor Agent | `code-relaxed` | Node.js/undici doesn't respect HTTP_PROXY |
-| OpenCode | - | TUI hangs. Bun runtime doesn't respect HTTP_PROXY; architectural limitation |
+| Gemini CLI | `code` | - |
+| OpenCode | `code` | - |
+
+These configs can drift as agents evolve. If you encounter false positives on blocked requests or want a CLI agent listed, please open an issue or PR.
+
+Note: On Linux, if OpenCode or Gemini CLI is installed via Linuxbrew, Landlock can block the Linuxbrew node binary unless you widen filesystem access. Installing OpenCode/Gemini under your home directory (e.g., via nvm or npm prefix) avoids this without relaxing the template.
 
 ## Protecting your environment
 
-Fence includes additional "dangerous file protection (writes blocked regardless of config) to reduce persistence and environment-tampering vectors like:
+Fence includes additional "dangerous file protection" (writes blocked regardless of config) to reduce persistence and environment-tampering vectors like:
 
 - `.git/hooks/*`
 - shell startup files (`.zshrc`, `.bashrc`, etc.)
diff --git a/internal/templates/code.json b/internal/templates/code.json
index ecfebd9..93c02b2 100644
--- a/internal/templates/code.json
+++ b/internal/templates/code.json
@@ -14,6 +14,10 @@
       "api.together.xyz",
       "openrouter.ai",
 
+      // OpenCode
+      "opencode.ai",
+      "api.opencode.ai",
+
       // Cursor API
       "*.cursor.sh",
 
@@ -23,6 +27,7 @@
       "raw.githubusercontent.com",
       "codeload.github.com",
       "objects.githubusercontent.com",
+      "release-assets.githubusercontent.com",
       "gitlab.com",
 
       // Package registries
@@ -62,16 +67,23 @@
       // Local cache, needed by tools like `uv`
       "~/.cache/**",
 
-      // Claude Code state/config
+      // Claude Code
       "~/.claude*",
       "~/.claude/**",
 
-      // Codex state/config
+      // Codex
       "~/.codex/**",
 
-      // Cursor state/config
+      // Cursor
       "~/.cursor/**",
 
+      // OpenCode
+      "~/.opencode/**",
+      "~/.local/state/**",
+
+      // Gemini CLI
+      "~/.gemini/**",
+
       // Package manager caches
       "~/.npm/_cacache",
       "~/.cache",
@@ -87,10 +99,7 @@
 
       // XDG directories for app configs/data
       "~/.local/share/**",
-      "~/.config/**",
-
-      // OpenCode state
-      "~/.opencode/**"
+      "~/.config/**"
     ],
 
     "denyWrite": [