by avast
Lightweight Agent Detection & Response (ADR) layer for AI agents — guards commands, files, and web requests. Part of Gen Agent Trust Hub.
# Add to your Claude Code skills
git clone https://github.com/avast/sageSafety for Agents - a lightweight Agent Detection & Response (ADR) layer for AI agents that guards commands, files, and web requests.
<p align="center"> <img src="images/sage-logo-shaded.png" alt="Sage" width="50%"> </p>Sage intercepts tool calls (Bash commands, URL fetches, file writes) via hook systems in Claude Code, Cursor / VS Code, OpenClaw, and OpenCode, and checks them against:
Requires Node.js >= 18.
/plugin marketplace add https://github.com/avast/sage.git
/plugin install sage@sage
Build and install the extension, then run Sage: Enable Protection from the command palette.
pnpm install && pnpm -C packages/extension run package:cursor:vsix
# From npm (recommended)
openclaw plugins install @gendigital/sage-openclaw
# From source
pnpm install && pnpm build
cp -r packages/openclaw sage && openclaw plugins install ./sage
Use a local source checkout and add the plugin path in OpenCode config:
git clone https://github.com/avast/sage
cd sage
pnpm install
pnpm --filter @sage/opencode run build
{
"plugin": ["/absolute/path/to/sage/packages/opencode"]
}
See Getting Started for detailed instructions.
| Document | Description | | ------------------------------------------------ | ---------------------------------------------- | | Getting Started | Installation for all platforms | | How It Works | Detection layers, data flow, verdicts | | Configuration | All config options and file paths | | Threat Rules | YAML rule format and what gets checked | | Package Protection | npm/PyPI supply-chain checks | | Plugin Scanning | Session-start plugin scanning | | AMSI Scanning | Windows antimalware scanning via AMSI | | Architecture | Monorepo structure, packages, design decisions | | Development | Building, testing, tooling, conventions | | FAQ ...
No comments yet. Be the first to share your thoughts!