Skip to content

Vigils v0.1.29

Choose a tag to compare

View all tags
@github-actions github-actions released this 07 Jun 10:45
· 31 commits to main since this release
v0.1.29
d8464c2

Cursor and Windsurf are protected now too — four agent surfaces from one command.

Added

  • setup --mcp now protects Cursor and Windsurf, not just Claude Code and Codex. vigil-hub setup --mcp (preview / --apply / --uninstall) and the all-in-one setup --all now also detect and wrap
    the stdio MCP servers in Cursor's ~/.cursor/mcp.json and Windsurf's
    ~/.codeium/windsurf/mcp_config.json. One command now protects all four agent surfaces you might
    have. Both reuse the exact same gateway wrap (result redaction + raw-secret block + tamper-evident
    audit, default monitor posture), reversibly — --uninstall restores the originals. Each server gets a
    cursor-<name> / windsurf-<name> gateway id, namespace-disjoint from the Claude user-/local-
    and Codex codex- ids so the same server name across agents never collides in the shared audit ledger.

Security

  • Cursor and Windsurf use the very same JSON mcpServers shape as Claude's user scope, so the new code
    reuses the same classifier and safe-edit machinery (sentinel exact-match, dangerous-character
    rejection, non-stdio skip, server-id validation, atomic write + backup). Two hardenings to the shared
    path: a remote server declared with Windsurf's serverUrl field (not just url) is now correctly
    skipped instead of mistaken for stdio; and a config file that exists but can't be read (e.g. a
    permission error) is now reported as a real error instead of being silently treated as "not
    configured" — so an inaccessible config is never silently left unprotected. Reviewed adversarially.

中文

Cursor 与 Windsurf 现在也受保护 —— 一条命令覆盖四个 agent 接入面。

新增

  • setup --mcp 现在也保护 Cursor 与 Windsurf,不再只限 Claude Code 与 Codex。 vigil-hub setup --mcp(预览 / --apply / --uninstall)与一键的 setup --all,现在还会检测并包裹 Cursor
    ~/.cursor/mcp.json 与 Windsurf ~/.codeium/windsurf/mcp_config.json 里的 stdio MCP server。一条命令
    现在覆盖你可能拥有的全部四个 agent 接入面。两者复用完全相同的网关包裹(结果脱敏 + 裸 secret 拦截 +
    防篡改审计,默认 monitor 姿态),可逆 —— --uninstall 还原原样。每个 server 用 cursor-<name> /
    windsurf-<name> 网关 id,与 Claude 的 user-/local-、Codex 的 codex- 命名空间不相交 —— 跨 agent
    的同名 server 在共享审计账本里绝不串身份。

安全

  • Cursor 与 Windsurf 用与 Claude user scope 完全相同的 JSON mcpServers 形态,故新代码复用同一个
    分类器与安全编辑机制(sentinel 精确匹配、危险字符拒绝、非 stdio 跳过、server-id 校验、原子写 + 备份)。
    对共享路径两处加固:用 Windsurf 的 serverUrl 字段(而非 url)声明的远程 server,现在被正确跳过而非误
    当 stdio 包裹;以及一个存在但读不到的配置文件(如权限错误),现在会如实报错,而不是被静默当成"未配置"
    —— 让不可访问的配置绝不被悄悄漏保护。已经对抗审查。

Downloads — which file do I want?

  • Desktop app (most users): the installer for your OS — Windows Vigils_*_x64-setup.exe (or .msi), macOS Vigils_*.dmg, Linux .AppImage / .deb / .rpm. Gives you the GUI: Activity Feed, Approval Queue, Server Registry.
  • CLI gateway (put Vigils in front of an AI agent — Claude Code / Codex / Cursor / Zed): vigils-cli-<platform> (contains vigil-hub + vigil-native-host). This is the MCP proxy your agent connects to.
  • Browser extension (guard pasting/typing secrets into AI web apps, Chrome MV3): vigils-chrome-extension.zip — unzip, then load unpacked at chrome://extensions.
  • The .sig and Vigils.app.tar.gz files are desktop auto-updater artifacts — you do not need to download them.

New here? Full setup & agent-integration guide: https://duncatzat.github.io/vigils

Early releases are unsigned; your OS may show a Gatekeeper / SmartScreen prompt on first run.

Apache-2.0 · https://vigils.ai · Full changelog

Assets 22
Loading