Automic VaultAutomic Vault

brew

Install intercept with Homebrew

Static Application Security Testing (SAST) tool. Version 1.0.12 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install intercept

local Homebrew formula metadata

overview

Package summary

Static Application Security Testing (SAST) tool

Commands and aliases

  • intercept

history

Project history and usage

INTERCEPT is a small DevSecOps security CLI centered on policy-as-code auditing, SAST-style scanning, compliance reporting, and observe-mode monitoring. Its documentation frames the tool around policy files, audit runs, SARIF output, and an observe daemon for file, service, mount, and configuration drift.

Project history

The GitHub repository was created in March 2020 under `xfhg/intercept`. Public release metadata shows a 1.0 series in 2024 and 2025, with the v1.0.11 notes calling out GitHub Actions integration, compliant output examples, performance optimizations, hooks signatures, auth options, and a remote policy execution endpoint.

Adoption history

INTERCEPT's adoption footprint is modest and security-specialist oriented. Homebrew packaging gives it a simple macOS/Linux install path, while the official docs and release notes focus on CI, audit output, and policy execution rather than library embedding.

How it is used

The documented workflow starts from a YAML policy file, then runs `intercept audit` to cycle through loaded policies and produce compliance reports or `intercept observe` to monitor paths and trigger policy audits. The docs describe policy types such as scan, assure, API, JSON, YAML, TOML, INI, runtime, and Rego.

Why package nerds care

INTERCEPT is notable less as a large ecosystem and more as a packageable example of the policy-as-code trend entering single-binary CLI tooling. It bundles security scanning, compliance report generation, and daemon-style observation behind a package-manager-installable command.

Timeline

  • 2020: The GitHub repository was created.
  • 2024: The v1.0 release series added CI and compliant-output focused features.
  • 2025: The v1.0.13 release continued Windows/file-integrity-monitoring work in the 1.0 line.

Related projects

  • INTERCEPT's policy-as-code and Rego support place it near Open Policy Agent workflows, while its SARIF output ties it to GitHub code-scanning and SAST tooling conventions.

Sources

  • Official repository README, official documentation, GitHub release metadata, GitHub repository metadata, and Homebrew formula metadata.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
interceptcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.0.12
manager updated
local dataok
upstreamcurrent
latest detectedv1.0.12

https://github.com/xfhg/intercept

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:intercept
Version1.0.12
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/intercept
Homepagehttps://intercept.cc
Repositoryhttps://github.com/xfhg/intercept
Upstream docshttps://intercept.cc/
LicenseEUPL-1.2
Source archivehttps://github.com/xfhg/intercept/archive/refs/tags/v1.0.12.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameintercept
Version Scheme1
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment