vigil
AI agent safety guardrails for tool calls.
Setup & Installation
Install command:
clawhub install robinoppenstam/vigil
If the CLI is not installed:
npx clawhub@latest install robinoppenstam/vigil
Or install with OpenClaw CLI:
openclaw skills install robinoppenstam/vigil
Or paste the repo link into your assistant's chat:
https://github.com/openclaw/skills/tree/main/skills/robinoppenstam/vigil
What This Skill Does
Vigil validates AI agent tool calls before they execute, blocking operations like destructive shell commands, SSRF, SQL injection, path traversal, and credential leaks. It runs as a drop-in npm package with 22 rules, zero runtime dependencies, and under 2ms latency per check.
Zero runtime dependencies and sub-2ms latency mean it can run inline on every tool call without adding measurable overhead to the agent pipeline.
When to Use It
- Blocking rm -rf commands issued by autonomous agents
- Preventing SSRF in agent-driven API and HTTP calls
- Catching SQL injection before a database tool executes
- Auditing all tool calls made by a shell-executing agent
- Adding a safety layer to an existing MCP server
Example Workflow
Here's how your AI assistant might use this skill in practice.
User asks: Blocking rm -rf commands issued by autonomous agents
1. Blocking rm -rf commands issued by autonomous agents
2. Preventing SSRF in agent-driven API and HTTP calls
3. Catching SQL injection before a database tool executes
4. Auditing all tool calls made by a shell-executing agent
5. Adding a safety layer to an existing MCP server
Security Audits
These signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.