Lightweight Agent Detection & Response (ADR) layer for AI agents — guards commands, files, and web requests. Part of Gen Agent Trust Hub.
# Add to your Claude Code skills
git clone https://github.com/gendigitalinc/sageLast scanned: 5/30/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-30T15:31:46.010Z",
"npmAuditRan": true,
"pipAuditRan": true
}sage is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by gendigitalinc. Lightweight Agent Detection & Response (ADR) layer for AI agents — guards commands, files, and web requests. Part of Gen Agent Trust Hub. It has 235 GitHub stars.
Yes. sage passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/gendigitalinc/sage" and add it to your Claude Code skills directory (see the Installation section above).
sage is primarily written in TypeScript. It is open-source under gendigitalinc on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh sage against similar tools.
No comments yet. Be the first to share your thoughts!
Sage is a lightweight security layer that protects AI agents from executing dangerous actions. It intercepts tool calls — shell commands, URL fetches, file writes — and checks them against multiple threat detection layers before they run.
Note: Sage may appear under a different product name (e.g., Norton Sage, Avast Sage) depending on how it was installed. See Branding for details.
Visit ai.gendigital.com/sage for the latest installation instructions, or use the platform-specific guides below.
Claude Code — install guide · requires Node.js >= 18
/plugin marketplace add https://github.com/gendigitalinc/sage.git
/plugin install sage@sage
Cursor — install guide · install the Gen Sage extension from the marketplace
VS Code — install guide · install the Gen Sage extension from the marketplace
OpenClaw — install guide · install from npm
openclaw plugins install @gendigital/sage-openclaw
OpenCode — install from npm by adding to ~/.config/opencode/opencode.json:
{
"plugin": ["@gendigital/sage-opencode"]
}
See Getting Started for detailed instructions and User Guide for verification, configuration, and troubleshooting.
For privacy considerations, please refer to Privacy.
| Document | Description |
|---|---|
| User Guide | Verify install, handle alerts, manage false positives |
| Getting Started | Installation for all platforms |
| How It Works | Detection layers, data flow, verdicts |
| Configuration | All config options and file paths |
| Exceptions | Pattern-based allow/deny rules |
| Threat Rules | YAML rule format and what gets checked |
| Package Protection | npm/PyPI supply-chain checks |
| Plugin Scanning | Session-start plugin scanning |
| Prompt Injection | ML + heuristic prompt injection detection |
| AMSI Scanning | Windows antimalware scanning via AMSI |
| MCP Server | Shared MCP server architecture |
| Architecture | Monorepo structure and design decisions |
| Privacy | What data is sent, what stays local |
| Audit Log | On-disk JSONL schema (entries, signals, content) |
| Development | Building, testing, tooling, conventions |
| FAQ | Common questions |
Platform guides: Claude Code · Cursor / VS Code · OpenClaw · OpenCode
See CONTRIBUTING.md for development setup, coding conventions, and the threat rule contribution process.
Copyright 2026 Gen Digital Inc.
threats/): Detection Rule License 1.1