by avast
Lightweight Agent Detection & Response (ADR) layer for AI agents — guards commands, files, and web requests. Part of Gen Agent Trust Hub.
# Add to your Claude Code skills
git clone https://github.com/avast/sageSafety for Agents - a lightweight Agent Detection & Response (ADR) layer for AI agents that guards commands, files, and web requests.
Sage intercepts tool calls (Bash commands, URL fetches, file writes) via hook systems in Claude Code, Cursor / VS Code, OpenClaw, and OpenCode, and checks them against:
Requires Node.js >= 18.
/plugin marketplace add https://github.com/avast/sage.git
/plugin install sage@sage
Build and install the extension, then run Sage: Enable Protection from the command palette.
pnpm install && pnpm -C packages/extension run package:cursor:vsix
# From npm (recommended)
openclaw plugins install @gendigital/sage-openclaw
# From source
pnpm install && pnpm build
cp -r packages/openclaw sage && openclaw plugins install ./sage
Use a local source checkout and add the plugin path in OpenCode config:
git clone https://github.com/avast/sage
cd sage
pnpm install
pnpm --filter @sage/opencode run build
No comments yet. Be the first to share your thoughts!
{
"plugin": ["/absolute/path/to/sage/packages/opencode"]
}
See Getting Started for detailed instructions.
| Document | Description | | ------------------------------------------------ | ---------------------------------------------- | | Getting Started | Installation for all platforms | | How It Works | Detection layers, data flow, verdicts | | Configuration | All config options and file paths | | Threat Rules | YAML rule format and what gets checked | | Package Protection | npm/PyPI supply-chain checks | | Plugin Scanning | Session-start plugin scanning | | AMSI Scanning | Windows antimalware scanning via AMSI | | Architecture | Monorepo structure, packages, design decisions | | Development | Building, testing, tooling, conventions | | FAQ | Common questions | | Privacy | What data is sent, what stays local |
Platform guides: Claude Code · Cursor / VS Code · OpenClaw · OpenCode
mcp__*) is not yet implemented~/.sage/threats/) are not yet implementedSage sends URL hashes and package hashes to Gen Digital reputation APIs. File content, commands, and source code stay local. Both services can be disabled for fully offline operation. See Privacy for details.
See CONTRIBUTING.md for development setup, coding conventions, and the threat rule contribution process.
Copyright 2026 Gen Digital Inc.
threats/): Detection Rule License 1.1