Endpoint security for the AI developer.

See what AI coding agents actually do on your machine. Detect credential exposure, supply chain risk, and adversarial behavior in real time.

View on GitHub
http://localhost:9081 — Vigil dashboard
Sensitive findings
17
AWS keys, GitHub tokens, Anthropic API keys
AI agents seen
4
Claude Code · Cursor · ChatGPT Desktop · Ollama
CVEs in installs
3
Caught via OSV before execution

AI agents are writing code, accessing credentials, and calling APIs on your machine. Nobody's watching.

85% of developers use AI coding agents daily. 88% of organizations have reported AI-related security incidents. The agents install dependencies, read sensitive files, and make API calls — often overnight, often without supervision. Existing security tools weren't built for this. CrowdStrike watches for malware. Snyk watches your repository's dependencies. Nobody watches the AI agent that installs the dependencies, writes the code, and accesses production credentials at 3 AM while you sleep.

What Vigil does

Three-layer monitoring

Captures every AI agent action through JSONL session tailing, system process monitoring, and optional HTTPS proxy interception. Works with Claude Code, Cursor, Copilot, ChatGPT Desktop, and 15+ other agents. Zero configuration required for the basic layer.

Sensitive data detection

Detects AWS keys, GitHub tokens, Anthropic API keys, and 20+ other credential patterns in AI session data. Severity-ranked alerts with drill-down to the exact conversation turn where exposure occurred. Plaintext auto-purged after 30 days; metadata retained for audit.

Supply chain intelligence

Real-time CVE detection across 19 package managers via OSV.dev. Threat intel feeds from ThreatFox and URLhaus. Detects when AI agents install packages with known vulnerabilities or malicious behavior — before they execute.

Install in 30 seconds

Free and open source. macOS today, Linux best-effort, Windows coming in v0.3.

pip
Available now
pip install ai-runtime-monitor
ai-monitor --setup
ai-monitor --start
Homebrew
v0.2.1
# Coming in v0.2.1 (2-3 days post-launch)
brew tap rajan-cforge/vigil
brew install vigil
vigil --setup
vigil --start

Then open http://localhost:9081 in your browser. The setup wizard walks you through certificate trust (cryptographically constrained to AI domains only via X.509 NameConstraints), data directory creation, and dashboard token generation.

Read the docs on GitHub

For teams and enterprises

Vigil's free tier runs on a single developer's machine. The Pro tier ($29/month) adds full HTTPS proxy capture and LaunchAgent auto-start. Enterprise tier adds fleet-scale monitoring with a control plane, RBAC, SSO, and SIEM integration. We're booking design partners now for the v1.0 fleet dashboard launching in Q4 2026.

Contact for enterprise