macOS
brew install interceptlocal Homebrew formula metadata
brew
Static Application Security Testing (SAST) tool. Version 1.0.12 via Homebrew; verified from local package data.
install
brew install interceptlocal Homebrew formula metadata
overview
Static Application Security Testing (SAST) tool
history
INTERCEPT is a small DevSecOps security CLI centered on policy-as-code auditing, SAST-style scanning, compliance reporting, and observe-mode monitoring. Its documentation frames the tool around policy files, audit runs, SARIF output, and an observe daemon for file, service, mount, and configuration drift.
The GitHub repository was created in March 2020 under `xfhg/intercept`. Public release metadata shows a 1.0 series in 2024 and 2025, with the v1.0.11 notes calling out GitHub Actions integration, compliant output examples, performance optimizations, hooks signatures, auth options, and a remote policy execution endpoint.
INTERCEPT's adoption footprint is modest and security-specialist oriented. Homebrew packaging gives it a simple macOS/Linux install path, while the official docs and release notes focus on CI, audit output, and policy execution rather than library embedding.
The documented workflow starts from a YAML policy file, then runs `intercept audit` to cycle through loaded policies and produce compliance reports or `intercept observe` to monitor paths and trigger policy audits. The docs describe policy types such as scan, assure, API, JSON, YAML, TOML, INI, runtime, and Rego.
INTERCEPT is notable less as a large ecosystem and more as a packageable example of the policy-as-code trend entering single-binary CLI tooling. It bundles security scanning, compliance report generation, and daemon-style observation behind a package-manager-installable command.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
intercept | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/xfhg/intercept
install metadata
| Package key | brew:intercept |
|---|---|
| Version | 1.0.12 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/intercept |
| Homepage | https://intercept.cc |
| Repository | https://github.com/xfhg/intercept |
| Upstream docs | https://intercept.cc/ |
| License | EUPL-1.2 |
| Source archive | https://github.com/xfhg/intercept/archive/refs/tags/v1.0.12.tar.gz |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | intercept |
| Version Scheme | 1 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.