Introduction
Vigils is a local-first control plane for AI agents:
- Action firewall (
Firewall::evaluate) — fail-closed effect gating - Audit ledger (SHA-256 hash chain) — tamper-evident decision history
- Privacy filter (hard-fingerprint rules + optional ONNX-backed PII detection)
- MCP hub (Model Context Protocol server registry + descriptor pinning)
- Approval queue (human-in-the-loop for risky effects)
- Sandbox runner (Wasm + native, Linux Landlock LSM)
Vigils sits between AI agents and the effectful tools / APIs they touch, gating each action through redaction + policy + audit + approval — and everything stays on your machine.
Project status
| Dimension | State |
|---|---|
| Releases | 3-platform signed installers + auto-update (OTA) — latest release |
| Rust SDK | vigil-sdk published to crates.io |
| Security | Comprehensive audit (OWASP + STRIDE + supply chain) — 9.9 / 10, 0 critical / high |
| Maturity | Core safety claims proven-safe with code + test evidence; all sandbox / SDK / audit changes reviewed |
Distribution
- Desktop installers — Linux deb / rpm / AppImage + macOS dmg + Windows nsis / msi (Ed25519-signed, auto-update).
- Rust SDK —
cargo add vigil-sdk(crates.io / docs.rs). - Browser extension — Chrome MV3 (redacts before paste / submit on AI sites).
- CLI agent gateway —
vigil-hub serve --stdio(Claude Code / Codex / Cursor / Zed).
License
Apache-2.0 © Vigils Project Contributors