
Vigil

AI agent safety guardrails for tool calls.

Rating
4.1 (382 reviews)
Downloads
23,441 downloads
Version
1.0.0


Vigil — Agent Safety Guardrails

Validates what AI agents DO, not what they SAY. Drop-in safety layer for any tool-calling agent.

Prerequisites

This skill requires the vigil-agent-safety npm package (12.3KB, Apache 2.0 license):

```bash
npm install vigil-agent-safety
```

  • Source code: https://github.com/hexitlabs/vigil
  • npm: https://www.npmjs.com/package/vigil-agent-safety
  • The npm package has zero runtime dependencies. This skill is a wrapper that calls that package.

Quick Start

```typescript
import { checkAction } from 'vigil-agent-safety';

const result = checkAction({
  agent: 'my-agent',
  tool: 'exec',
  params: { command: 'rm -rf /' },
});

// result.decision === "BLOCK"
// result.reason === "Destructive command pattern"
// result.latencyMs === 0.3
```

What It Catches

  • Destructive commands (rm -rf, mkfs, reverse shells) → BLOCK
  • SSRF (metadata endpoints, localhost, internal IPs) → BLOCK
  • Data exfiltration (curl to external, .ssh/id_rsa access) → BLOCK
  • SQL injection (DROP TABLE, UNION SELECT) → BLOCK
  • Path traversal (../../../etc/shadow) → BLOCK
  • Prompt injection (ignore instructions, [INST] tags) → BLOCK
  • Encoding attacks (base64 decode, eval(atob())) → BLOCK
  • Credential leaks (API keys, AWS keys, tokens) → ESCALATE

22 rules. Zero dependencies. Under 2ms per check.
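
An added example, not code from the Vigil project: one way to put a checker with the `checkAction` shape shown above in front of a tool dispatcher so that BLOCK, a denied ESCALATE, checker errors and unrecognised decisions all fail closed. `guardTools`, `onEscalate`, `stubCheck` and the two stub patterns are assumptions made for this example.

```javascript
// Added example (not Vigil's code). `check` is any function with the shape the
// page shows for checkAction: ({ agent, tool, params }) -> { decision, reason }.
// guardTools, onEscalate and stubCheck are hypothetical names.
function guardTools(check, tools, { agent = 'my-agent', onEscalate = () => false } = {}) {
  const refuse = (decision, reason) => ({ ran: false, decision, reason });
  return function call(tool, params) {
    // Own properties only, so 'constructor' or '__proto__' never resolve to a tool.
    if (!Object.prototype.hasOwnProperty.call(tools, tool) || typeof tools[tool] !== 'function') {
      return refuse('BLOCK', `unknown tool: ${tool}`);
    }
    let verdict;
    try {
      verdict = check({ agent, tool, params });
    } catch (err) {
      // Fail closed: a crashing checker must not become an open door.
      return refuse('BLOCK', `checker error: ${err}`);
    }
    const decision = verdict ? verdict.decision : undefined;
    const reason = verdict ? verdict.reason : undefined;
    if (decision === 'ESCALATE') {
      // Hold the call until a human or policy hook approves it.
      if (!onEscalate({ agent, tool, params, reason })) return refuse('ESCALATE', reason);
    } else if (decision !== 'ALLOW') {
      // BLOCK, or anything unrecognised, never reaches the tool.
      return refuse('BLOCK', reason || `unrecognised decision: ${decision}`);
    }
    return { ran: true, decision, output: tools[tool](params) };
  };
}

// Constructed stand-in so the example runs offline; these two patterns are NOT
// Vigil's rules. In real use pass the package's checkAction instead.
function stubCheck({ params }) {
  const text = JSON.stringify(params);
  if (/rm\s+-rf/.test(text)) return { decision: 'BLOCK', reason: 'Destructive command pattern' };
  if (/AKIA[0-9A-Z]{16}/.test(text)) return { decision: 'ESCALATE', reason: 'Possible AWS key' };
  return { decision: 'ALLOW' };
}

// Constructed tools that only echo their input.
const demoTools = {
  exec: (p) => `would run: ${p.command}`,
  read: (p) => `would read: ${p.path}`,
};
const guarded = guardTools(stubCheck, demoTools);
console.log(guarded('exec', { command: 'rm -rf /' }));
console.log(guarded('read', { path: './README.md' }));
```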

Modes

```typescript
import { configure } from 'vigil-agent-safety';

// warn = log violations but don't block (recommended to start)
configure({ mode: 'warn' });

// enforce = block dangerous calls
configure({ mode: 'enforce' });

// log = silent logging only
configure({ mode: 'log' });
```

Use with Clawdbot

Add Vigil as a safety layer for your agent tool calls. The scripts/vigil-check.js wrapper lets you validate from the command line:

```bash
# Check a tool call
node scripts/vigil-check.js exec '{"command":"rm -rf /"}'
# → BLOCK: Destructive command pattern

# Check a safe call
node scripts/vigil-check.js read '{"path":"./README.md"}'
# → ALLOW
```

Policies

Load built-in policy templates:

```typescript
import { loadPolicy } from 'vigil-agent-safety';

loadPolicy('restrictive');  // Tightest rules
loadPolicy('moderate');     // Balanced (default)
loadPolicy('permissive');   // Minimal blocking
```

CLI

```bash
npx vigil-agent-safety check --tool exec --params '{"command":"ls -la"}'
npx vigil-agent-safety policies
```

Links

  • GitHub: https://github.com/hexitlabs/vigil
  • npm: https://www.npmjs.com/package/vigil-agent-safety
  • Docs: https://hexitlabs.com/vigil

Installation

```bash
openclaw install vigil
```

Tags

#git_and-github

Quick Info

Category Development
Model Claude 3.5
Complexity Multi-Agent
Author robinoppenstam
Last Updated 3/10/2026