# Install intercept with Homebrew

Static Application Security Testing (SAST) tool. Version 1.0.12 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:intercept
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install intercept
```

  Evidence: local Homebrew formula metadata

## Package facts

- **Package key:** brew:intercept
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/intercept>
- **Version:** 1.0.12
- **Source summary:** Static Application Security Testing (SAST) tool
- **Homepage:** <https://intercept.cc>
- **Repository:** <https://github.com/xfhg/intercept>
- **Upstream docs:** <https://intercept.cc/>
- **License:** EUPL-1.2
- **Source archive:** <https://github.com/xfhg/intercept/archive/refs/tags/v1.0.12.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- intercept (cli)
- intercept (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.0.12
- Local data: ok
- Upstream repository: https://github.com/xfhg/intercept
- Upstream latest detected: v1.0.12 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

INTERCEPT is a small DevSecOps security CLI centered on policy-as-code auditing, SAST-style scanning, compliance reporting, and observe-mode monitoring. Its documentation frames the tool around policy files, audit runs, SARIF output, and an observe daemon for file, service, mount, and configuration drift.

### Project history

The GitHub repository was created in March 2020 under `xfhg/intercept`. Public release metadata shows a 1.0 series in 2024 and 2025, with the v1.0.11 notes calling out GitHub Actions integration, compliant output examples, performance optimizations, hooks signatures, auth options, and a remote policy execution endpoint.

### Adoption history

INTERCEPT's adoption footprint is modest and security-specialist oriented. Homebrew packaging gives it a simple macOS/Linux install path, while the official docs and release notes focus on CI, audit output, and policy execution rather than library embedding.

### How it is used

The documented workflow starts from a YAML policy file, then runs `intercept audit` to cycle through loaded policies and produce compliance reports or `intercept observe` to monitor paths and trigger policy audits. The docs describe policy types such as scan, assure, API, JSON, YAML, TOML, INI, runtime, and Rego.

### Why package nerds care

INTERCEPT is notable less as a large ecosystem and more as a packageable example of the policy-as-code trend entering single-binary CLI tooling. It bundles security scanning, compliance report generation, and daemon-style observation behind a package-manager-installable command.

### Timeline

- 2020: The GitHub repository was created.
- 2024: The v1.0 release series added CI and compliant-output focused features.
- 2025: The v1.0.13 release continued Windows/file-integrity-monitoring work in the 1.0 line.

### Related projects

- INTERCEPT's policy-as-code and Rego support place it near Open Policy Agent workflows, while its SARIF output ties it to GitHub code-scanning and SAST tooling conventions.

### Sources

- Official repository README, official documentation, GitHub release metadata, GitHub repository metadata, and Homebrew formula metadata.


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** intercept
- **Version Scheme:** 1
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable


## Related links

- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Developer build packages](https://www.automicvault.com/pkg/developer-build-tools/) - Matched build, compiler, generator, or developer workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [checkov](https://www.automicvault.com/pkg/brew/checkov/) - Shares av.db curated category or tags: cli, compliance, security, static-analysis.
- [gosec](https://www.automicvault.com/pkg/brew/gosec/) - Shares av.db curated category or tags: cli, sast, security, static-analysis.
- [terrascan](https://www.automicvault.com/pkg/brew/terrascan/) - Shares av.db curated category or tags: cli, compliance, security, static-analysis.
- [bandit](https://www.automicvault.com/pkg/brew/bandit/) - Shares av.db curated category or tags: cli, security, static-analysis.
- [bomber](https://www.automicvault.com/pkg/brew/bomber/) - Shares av.db curated category or tags: cli, devsecops, security.
- [caracal](https://www.automicvault.com/pkg/brew/caracal/) - Shares av.db curated category or tags: cli, security, static-analysis.
- [cargo-geiger](https://www.automicvault.com/pkg/brew/cargo-geiger/) - Shares av.db curated category or tags: cli, security, static-analysis.
- [cfripper](https://www.automicvault.com/pkg/brew/cfripper/) - Shares av.db curated category or tags: cli, security, static-analysis.

## Combined YAML source

View the package source record on GitHub. [combined/intercept.yml](https://github.com/automic-vault/db/blob/main/combined/intercept.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- cross-ecosystem install command graph
