vrr/goose
2
0
Fork 0
mirror of https://github.com/block/goose.git synced 2026-05-01 21:10:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 34

docs: malware check for uvx and npx extensions (#4508)

Browse source 
Co-authored-by: Angie Jones <jones.angie@gmail.com>
This commit is contained in:
dianed-square 2025-09-03 23:29:03 -07:00 committed by GitHub
parent bce046607c
commit 6552d89d6d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 23 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
documentation/docs/getting-started/using-extensions.md
View file

@ -12,11 +12,12 @@ Extensions are add-ons that provide a way to extend the functionality of Goose b
Extensions are based on the [Model Context Protocol (MCP)](https://github.com/modelcontextprotocol), so you can connect
Goose to a wide ecosystem of capabilities.
Goose automatically checks external extensions for known malware before activation. If a malicious package is detected, the [extension will be blocked](/docs/troubleshooting#malicious-package-detected) with a clear error message.
:::tip Tutorials
Check out the [step-by-step tutorials](/docs/category/mcp-servers) for adding and using several Goose Extensions
:::
## Built-in Extensions
Out of the box, Goose is installed with a few extensions but with only the `Developer` extension enabled by default.
@ -664,4 +665,4 @@ goose session --with-streamable-http-extension "https://example.com/streamable"
Goose extensions are implemented with MCP, a standard protocol that allows AI models and agents to securely connect with local or remote resources. Learn how to build your own [extension as an MCP server](https://modelcontextprotocol.io/quickstart/server).
[extensions-directory]: https://block.github.io/goose/v1/extensions
[extensions-directory]: https://block.github.io/goose/extensions/