Skip to content

Vigils v0.1.28

Choose a tag to compare

View all tags
@github-actions github-actions released this 07 Jun 10:01
· 32 commits to main since this release
v0.1.28
2f948a8

One command now protects Codex too — not just Claude Code.

Added

  • setup --mcp now protects Codex CLI's MCP servers, not only Claude Code's. vigil-hub setup --mcp (preview / --apply / --uninstall) and the all-in-one setup --all now also detect and
    wrap the stdio MCP servers in Codex's ~/.codex/config.toml (the [mcp_servers.*] tables), in
    addition to Claude Code's ~/.claude.json. One command protects every agent surface you have. Each
    Codex server is rewritten to launch through the Vigil gateway (result redaction + raw-secret block +
    tamper-evident audit, default monitor posture), reversibly — --uninstall restores the originals.
    Edits are format-preserving: only the wrapped entry's command/args change; your comments,
    key order, env tables, and other settings (model, approval policy, …) are left exactly as they
    were. Codex servers get a codex-<name> gateway id, namespace-disjoint from the Claude
    user-/local- ids so the same server name across agents never collides in the shared audit ledger.

Security

  • The Codex path reuses the same classifier and safety machinery as the Claude path (sentinel
    exact-match for idempotency, dangerous-character rejection, non-stdio skip, server-id validation,
    abort-on-malformed-config with atomic write + backup) — one source of truth, no drift. env values
    are never copied into the rewritten command line (key names only) and never printed. Reviewed
    adversarially (two rounds): uninstall refuses a lossy restore of any hand-edited entry, and a failing
    Codex step after the Claude side already applied is reported honestly with recovery guidance.

中文

一条命令现在也保护 Codex —— 不再只是 Claude Code。

新增

  • setup --mcp 现在也保护 Codex CLI 的 MCP server,不再只限 Claude Code。 vigil-hub setup --mcp
    (预览 / --apply / --uninstall)与一键的 setup --all,现在除 Claude Code 的 ~/.claude.json 外,
    还会检测并包裹 Codex ~/.codex/config.toml 里([mcp_servers.*] 表)的 stdio MCP server。一条命令
    保护你拥有的每个 agent 接入面。每个 Codex server 被改写为经 Vigil 网关启动(结果脱敏 + 裸 secret 拦截 +
    防篡改审计,默认 monitor 姿态),可逆 —— --uninstall 还原原样。改写保留格式:只改被包裹条目的
    command/args;你的注释、键序、env 表、以及其它设置(model、approval policy……)逐字不动。Codex
    server 用 codex-<name> 网关 id,与 Claude 的 user-/local- 命名空间不相交 —— 跨 agent 的同名 server
    在共享审计账本里绝不串身份。

安全

  • Codex 路径复用与 Claude 路径完全相同的分类器与安全机制(sentinel 精确匹配保证幂等、危险字符拒绝、
    非 stdio 跳过、server-id 校验、配置损坏即 abort 且原子写 + 备份)—— 单一真源,绝不漂移。env 的值
    从不被复制进改写后的命令行(只含键名)、也从不打印。经两轮对抗审查:uninstall 拒绝对任何被手改条目做
    lossy 还原;Claude 侧已应用后 Codex 步若失败,会如实报告并给出恢复指引。

Downloads — which file do I want?

  • Desktop app (most users): the installer for your OS — Windows Vigils_*_x64-setup.exe (or .msi), macOS Vigils_*.dmg, Linux .AppImage / .deb / .rpm. Gives you the GUI: Activity Feed, Approval Queue, Server Registry.
  • CLI gateway (put Vigils in front of an AI agent — Claude Code / Codex / Cursor / Zed): vigils-cli-<platform> (contains vigil-hub + vigil-native-host). This is the MCP proxy your agent connects to.
  • Browser extension (guard pasting/typing secrets into AI web apps, Chrome MV3): vigils-chrome-extension.zip — unzip, then load unpacked at chrome://extensions.
  • The .sig and Vigils.app.tar.gz files are desktop auto-updater artifacts — you do not need to download them.

New here? Full setup & agent-integration guide: https://duncatzat.github.io/vigils

Early releases are unsigned; your OS may show a Gatekeeper / SmartScreen prompt on first run.

Apache-2.0 · https://vigils.ai · Full changelog

Assets 22
Loading