Discover and explore top open-source AI tools and projects—updated daily.
gendigitalincAgent security layer for AI command and data protection
Top 99.8% on SourcePulse
Sage provides a lightweight Agent Detection and Response (ADR) layer designed to enhance the security of AI agents by intercepting and validating potentially dangerous actions. It targets developers and users of AI coding assistants, offering a multi-layered defense against malicious commands, file operations, and web requests, thereby improving the trustworthiness of AI agent interactions.
How It Works
Sage operates by intercepting critical tool calls, including shell commands, file writes, and URL fetches, before execution. It employs a multi-stage threat detection pipeline. This includes cloud-based URL reputation checks for known malicious sites, local heuristics leveraging over 300 YAML-defined threat patterns for suspicious commands and data, and a two-tier prompt injection defense combining heuristics with a fine-tuned machine learning model. Additionally, it performs package supply-chain analysis for npm/PyPI dependencies and integrates with the Windows Antimalware Scan Interface (AMSI) for enhanced endpoint security.
Quick Start & Requirements
Installation varies by platform:
plugin install sage@sage.openclaw plugins install @gendigital/sage-openclaw."@gendigital/sage-opencode" to ~/.config/opencode/opencode.json.
Refer to ai.gendigital.com/sage for the latest instructions and the User Guide for detailed setup.Highlighted Details
Maintenance & Community
The project is copyrighted by Gen Digital Inc. Contribution guidelines are available in CONTRIBUTING.md, suggesting community involvement is possible. No specific community channels (like Discord/Slack) or roadmap links are provided in the README.
Licensing & Compatibility
The source code is licensed under the Apache License 2.0. Threat detection rules are under a separate "Detection Rule License 1.1". The Apache 2.0 license is permissive and generally compatible with commercial use and closed-source linking.
Limitations & Caveats
AMSI integration is specific to Windows and WSL environments; it functions as a no-op on macOS and non-WSL Linux systems. The project may be distributed under different product names (e.g., Norton Sage, Avast Sage), which could lead to user confusion regarding installation or branding.
4 weeks ago
Inactive
aliasrobotics