Zero-dependency safety guardrails for AI agent tool calls.
<2ms. 22 rules. npm install and go.
```js
import { checkAction } from 'vigil-agent-safety';

const result = checkAction({
  agent: 'my-agent',
  tool: 'exec',
  params: { command: 'rm -rf /' },
});
// result.decision → "BLOCK"
// result.reason → "Destructive command pattern"
// result.latencyMs → 0.3
```
Every tool call your agent makes gets checked against battle-tested patterns, in under 2 milliseconds.
rm -rf, mkfs, dd if=/dev/zero, reverse shells, fork bombs
169.254.169.254, localhost, internal IPs, cloud metadata endpoints
curl evil.com, .ssh/id_rsa, /etc/shadow, piped secrets
DROP TABLE, UNION SELECT, OR 1=1, comment injection
../../../etc/passwd, %2e%2e/, directory escape sequences
ignore previous instructions, [INST] tags, system prompt leaks
base64 -d | sh, eval(atob()), hex-encoded payloads
API keys, AWS secrets, tokens, passwords in tool params
Vigil is a deterministic rule engine, not another AI wrapper.
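To make "deterministic rule engine" concrete, here is an added sketch of pattern-based tool-call checking; it is not Vigil's code. The rule ids, regexes, the `checkToolCall` name and the `ALLOW` value are assumptions, and the sketch also percent-decodes params so that encoded forms such as `%2e%2e/` match the same rule as `../`.

```javascript
// Added sketch: deterministic pattern check over tool-call params.
// Rule ids, regexes and the "ALLOW" value are assumptions, not Vigil's rule set.
const RULES = [
  { id: 'destructive', reason: 'Destructive command pattern',
    re: /\brm\s+-[a-z]*(?:rf|fr)[a-z]*\s|\bmkfs\b|\bdd\s+if=\/dev\/zero\b/i },
  { id: 'ssrf', reason: 'Internal or metadata address',
    re: /\b169\.254\.169\.254\b|\blocalhost\b|\b127\.0\.0\.1\b/i },
  { id: 'traversal', reason: 'Directory escape sequence', re: /\.\.[\/\\]/ },
  { id: 'sqli', reason: 'SQL injection pattern',
    re: /\bdrop\s+table\b|\bunion\s+select\b|\bor\s+1\s*=\s*1\b/i },
  { id: 'encoded-exec', reason: 'Decoded payload piped to interpreter',
    re: /base64\s+(?:-d|--decode)\s*\|\s*(?:ba)?sh\b|eval\s*\(\s*atob\s*\(/i },
];
const now = () => (globalThis.performance ? performance.now() : Date.now());

// Collect every string in params, however deeply nested (objects and arrays).
function collectStrings(value, out = []) {
  if (typeof value === 'string') out.push(value);
  else if (value && typeof value === 'object')
    for (const v of Object.values(value)) collectStrings(v, out);
  return out;
}

// Raw string plus up to two rounds of percent-decoding, so %2e%2e/ and the
// double-encoded %252e%252e/ are both seen as ../ ; malformed escapes stay raw.
function variants(s) {
  const seen = [s];
  let cur = s;
  for (let i = 0; i < 2; i++) {
    let next;
    try { next = decodeURIComponent(cur); } catch { break; }
    if (next === cur) break;
    seen.push(next);
    cur = next;
  }
  return seen;
}

// First matching rule wins; same input always yields the same decision.
function checkToolCall({ tool, params }) {
  const start = now();
  for (const s of collectStrings(params))
    for (const v of variants(s))
      for (const rule of RULES)
        if (rule.re.test(v))
          return { decision: 'BLOCK', tool, rule: rule.id, reason: rule.reason,
                   latencyMs: now() - start };
  return { decision: 'ALLOW', tool, latencyMs: now() - start };
}
```

Matching only the raw string would let `%2e%2e/%2e%2e/etc/passwd` through, which is why the decode step runs before the rules.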
| Tool | Latency | Dependencies | Validates Tool Calls | Works Offline |
|---|---|---|---|---|
| Vigil | <2ms | 0 | | |
| Llama Guard | ~500ms | PyTorch, model weights | | |
| Regex / DIY | <1ms | 0 | Partial | |
| GPT-4 Review | ~2-5s | API key, network | | |
Drop Vigil into any agent framework, CI pipeline, or API server.
Model Context Protocol
Agent middleware
API middleware
CI/CD pipeline checks
HexOS agent safety
Pattern rules today. MCP proxy next. Cloud + ML coming.
Real teams shipping AI agents with Vigil as their safety layer.
"Vigil took 5 minutes to install and immediately made our setup safer."
We run Clawdbot (AI agent) on a production server with full shell access. After seeing another bot accidentally send messages to the wrong user due to hardcoded IDs, we decided to harden our security stack. Vigil was the easiest win. Install was literally npm install vigil-agent-safety, write a small plugin file, register it, done. The Clawdbot integration example on GitHub made it straightforward. We went from zero tool-call validation to 22 rules covering destructive commands, SSRF, data exfiltration, SQL injection, and more, all in under 10 minutes.
What sold me: it's deterministic, not another AI wrapper. No API keys, no network calls, no dependencies. Just fast pattern matching at <2ms per check. Our agent runs exec commands constantly and we haven't noticed any latency impact. Running in enforce mode in production. It just works.
"Exactly what a safety layer should be: invisible until it matters."
We integrated Vigil into our AI agent stack (Clawdbot) in under 15 minutes. Zero dependencies meant zero trust concerns. Our security audit was the shortest we've ever done. It's now the first line of defence on every tool call our agents make. The HexOS integration example made it plug-and-play, and at <2ms per check, we genuinely forget it's there.
Vigil is free, open source, and always will be. Your support helps us ship faster.
Help others discover Vigil. Stars drive visibility.
Recurring support via GitHub Sponsors. Every bit counts.