Docs — Vigil

// getting started

Installation

Vigil ships as a single static binary — under 5MB, zero runtime dependencies. Install via Homebrew on macOS or Linux.

$ brew install vigil

==> Downloading vigil-0.4.1.tar.gz ==> Installing vigil 🍺 /usr/local/bin/vigil -> vigil-0.4.1

Verify the installation:

$ vigil --version

vigil 0.4.1 (aarch64-apple-darwin)

That's it. No language runtimes, no Docker, no cloud accounts. The binary includes the daemon, CLI, and all detection engines. Works on macOS (Apple Silicon + Intel) and Linux (x86_64 + aarch64).

Quick Start

Four steps to full visibility across every AI agent touching your codebase.

Step 1. Start the daemon. It watches your project directory for filesystem changes, git activity, and running processes.

$ vigil watch ~/projects

[vigil] daemon started (pid 41822) [vigil] watching ~/projects (recursive) [vigil] process scanner active [vigil] ready

Step 2. Launch your agents. Open Claude Code, start Cursor, spin up Conductor — whatever you use. Vigil detects them automatically.

$ claude

[vigil] detected agent: claude-code (pid 41930) [vigil] hooks API connected [vigil] session s_7f2a started

Step 3. Check status. See every active agent, files they've touched, and any collision warnings.

$ vigil status

AGENTS (2 active) claude-code pid 41930 session s_7f2a 14 files 0 collisions cursor pid 42101 session s_8b3c 6 files 0 collisions COLLISIONS (0 active) No active collisions detected. UPTIME 1h 12m EVENTS 847 STORE 2.1 MB

Step 4. Review the event log. Every file touch, edit, and agent action is captured with timestamps and attribution.

$ vigil log --limit 5

2025-01-15 14:23:01 claude-code WRITE src/lib/api.ts 2025-01-15 14:22:58 claude-code WRITE src/lib/api.ts 2025-01-15 14:22:41 cursor WRITE src/components/nav.tsx 2025-01-15 14:22:30 cursor READ src/components/nav.tsx 2025-01-15 14:22:12 claude-code WRITE src/lib/utils.ts

Configuration

Vigil works with zero configuration — no config files needed. All options are passed as CLI flags to vigil watch.

A config file format is planned for a future release.

// concepts

Universal Capture

Every AI agent that touches your code — whether it's Claude Code with deep hooks integration, Cursor via its extension API, or an unknown process writing files — gets captured in a single unified event stream. No plugins to install, no agents to configure.

How it works: Vigil's daemon combines three detection layers. Layer 1 watches filesystem events (file creates, writes, deletes) and correlates them with running processes to attribute each change to a specific agent. Layer 2 connects to agent–specific APIs — Claude Code's hooks, Cursor's extension bus, OpenTelemetry collectors — for richer metadata like prompt context and tool calls. Every event lands in a local SQLite store with sub–millisecond timestamps.

$ vigil log --agent claude-code --limit 5

2025-01-15 14:23:01 WRITE src/lib/api.ts +42 -8 2025-01-15 14:22:58 WRITE src/lib/api.ts +15 -3 2025-01-15 14:22:41 WRITE src/utils/helpers.ts +28 -0 2025-01-15 14:22:30 READ src/utils/helpers.ts 2025-01-15 14:22:12 WRITE src/lib/utils.ts +7 -2

Collision Detection

When two agents edit the same file within a configurable time window, Vigil flags a collision. This is the most common source of silent bugs in multi–agent workflows — Agent A refactors a function while Agent B adds a new call to the old signature. Without Vigil, you'd only discover the break at runtime.

How it works: The daemon maintains a sliding window (default 30 seconds) over the event stream. When overlapping writes from different agents hit the same file path, a collision record is created linking both sessions. The CLI and menu bar app surface these instantly with file–level detail.

$ vigil status

AGENTS (2 active) claude-code pid 41930 session s_7f2a 14 files 1 collision cursor pid 42101 session s_8b3c 6 files 1 collision COLLISIONS (1 active) ⚠ src/lib/api.ts claude-code (s_7f2a) wrote at 14:23:01 cursor (s_8b3c) wrote at 14:23:18 window: 17s risk: high

Confidence Scoring

Not all agent outputs are equal. A one–line typo fix is almost certainly correct. A 200–line refactor of code the agent has never seen before is risky. Vigil assigns a confidence score to each agent session based on observable signals — not guesses.

How it works: The scoring engine weighs multiple factors: the ratio of lines read to lines written (agents that read more before writing score higher), whether the agent accessed test files, whether it wrote tests alongside production code, the size and complexity of the diff, and historical accuracy for that agent type. Scores range from 0–100, where anything below 60 triggers a review warning.

$ vigil log --agent cursor --fields confidence

SESSION CONFIDENCE FILES READS WRITES TESTS s_8b3c 82 6 14 8 2 s_7e1a 47 12 3 28 0 s_6d0f 91 2 8 4 2

Cost Intelligence

AI agents consume tokens, and tokens cost money. Vigil tracks estimated spend per agent, per session, and per time period — giving you a real burn rate instead of a surprise invoice at the end of the month.

How it works: For agents with deep hooks (Claude Code), Vigil captures actual token counts from the API response. For others, it estimates based on file sizes read and written, using published per–token pricing for each model. The vigil cost command breaks down spend by agent, session, and time window.

$ vigil cost --since 24h

AGENT SESSIONS TOKENS ESTIMATED COST claude-code 4 1,247,800 $4.82 cursor 7 892,100 $2.14 codex 2 341,500 $1.02 ───────────────────────────────────────────────── TOTAL 13 2,481,400 $7.98 DAILY AVG (7d) $6.41 MONTHLY PROJ $192.30

Hallucination Detection

Agents sometimes import modules that don't exist, call functions with wrong signatures, or reference APIs that were deprecated three versions ago. Vigil catches these patterns by cross–referencing agent output against your actual codebase state.

How it works: After an agent writes a file, Vigil's L3 Trust Intelligence layer runs a series of checks: import resolution (do the imported modules actually exist?), symbol validation (do referenced functions and types exist in the codebase?), and pattern matching against known hallucination signatures. Flagged issues appear in the event log and the menu bar app with a hallucination warning.

$ vigil log --flags hallucination --limit 3

2025-01-15 14:41:22 cursor WRITE src/lib/auth.ts ⚠ HALLUCINATION: import { verifyToken } from "@/lib/jwt" Module @/lib/jwt does not exist in workspace 2025-01-15 14:38:07 codex WRITE src/api/users.ts ⚠ HALLUCINATION: calling db.users.findUnique() Method findUnique not found on users table 2025-01-15 14:35:51 cursor WRITE src/utils/format.ts ⚠ HALLUCINATION: import { formatDistance } from "date-fns/esm" date-fns/esm is deprecated since v3.0

Selective Rollback

When an agent goes off the rails, you need to undo its work without losing changes from other agents that were working in parallel. A blanket git reset destroys everything. Vigil's selective rollback targets only the changes from a specific agent session.

How it works: Every write event is stored with a before–and–after snapshot of the affected file region. When you roll back a session, Vigil replays the inverse patches in reverse chronological order, applying only the diffs attributed to that session. Other agents' changes remain intact.

$ vigil rollback --session s_7e1a --dry-run

SESSION s_7e1a (cursor, 14:30–14:38) Would revert 12 files: src/lib/auth.ts -47 +12 src/api/users.ts -31 +8 src/api/posts.ts -22 +5 src/utils/format.ts -15 +3 ... and 8 more Other agents' changes: preserved Run without --dry-run to apply.

// cli reference

vigil watch

Start the Vigil daemon. It monitors filesystem events, detects running AI agents, and records every action to the local SQLite store.

Usage

vigil watch <paths...> Arguments: <paths...> Directories to watch (required)

$ vigil watch ~/projects

[vigil] daemon started (pid 41822) [vigil] watching ~/projects (recursive) [vigil] process scanner active [vigil] ready

vigil status

Show a snapshot of the current daemon state: active agents, their sessions, file counts, collision warnings, and overall resource usage. Exits with code 1 if collisions are active, making it useful in CI scripts.

Usage

vigil status

$ vigil status

AGENTS (3 active) claude-code pid 41930 session s_7f2a 14 files 0 collisions cursor pid 42101 session s_8b3c 6 files 1 collision codex pid 42200 session s_9d4e 3 files 1 collision COLLISIONS (1 active) ⚠ src/lib/api.ts cursor (s_8b3c) wrote at 14:23:18 codex (s_9d4e) wrote at 14:23:41 window: 23s risk: high UPTIME 2h 07m EVENTS 1,204 STORE 3.4 MB

vigil log

Query the event stream. Filter by agent or file path. By default shows the most recent events across all agents.

Usage

vigil log [options] Options: --agent <name> Filter by agent name --file <glob> Filter by file path pattern --limit <n> Max events to show (default: 20)

$ vigil log --agent claude-code --since 1h --limit 3

2025-01-15 14:23:01 claude-code WRITE src/lib/api.ts +42 -8 2025-01-15 14:22:58 claude-code WRITE src/lib/api.ts +15 -3 2025-01-15 14:22:12 claude-code WRITE src/lib/utils.ts +7 -2

vigil cost

Show token usage and estimated cost breakdowns. Aggregates by agent, session, or time period. Uses actual token counts from hooked agents and estimates for the rest.

Usage

vigil cost [options] Options: --since <duration> Time window (e.g., 24h, 7d, 30d) --agent <name> Filter by agent name --sessions Show per-session breakdown

$ vigil cost --since 7d

DATE SESSIONS TOKENS ESTIMATED COST 2025-01-15 8 1,842,300 $6.41 2025-01-14 5 1,123,400 $3.92 2025-01-13 11 2,401,800 $8.74 2025-01-12 3 487,200 $1.68 2025-01-11 7 1,654,100 $5.83 2025-01-10 6 1,201,000 $4.17 2025-01-09 9 1,978,500 $7.02 ────────────────────────────────────────────────── TOTAL 49 10,688,300 $37.77 DAILY AVG $5.40 MONTHLY PROJ $162.00

vigil init

Register Claude Code hooks so Vigil can capture richer telemetry — token counts, model selection, and tool calls — beyond what filesystem watching alone provides.

Usage

vigil init

$ vigil init

[vigil] registering Claude Code hooks... [vigil] hook registered: PreToolUse [vigil] hook registered: PostToolUse [vigil] hook registered: Stop [vigil] hooks active

// integrations

Claude Code

Native hooks API + FS watcherdeep

The deepest integration available. Vigil connects directly to Claude Code’s hooks API, capturing prompt context, tool calls, token counts, model selection, and error states in addition to filesystem events. This gives Vigil full visibility into what the agent is thinking, not just what it’s writing.

Setup: Run the hook installer to enable deep integration:

$ vigil hook init

[vigil] scanning for supported agents... [vigil] found: claude-code [vigil] installed hooks: ~/.claude/hooks/pre-tool-use.sh → vigil event capture ~/.claude/hooks/post-tool-use.sh → vigil result capture ~/.claude/hooks/on-error.sh → vigil error tracking [vigil] hooks active — claude-code integration: deep

Cursor

Extension API + FS watcherrich

Vigil detects Cursor through its process signature and monitors its file operations via the filesystem watcher. The extension API integration captures additional metadata including active file context, applied edits, and composer session boundaries. No manual setup required — Vigil detects Cursor automatically when it starts.

Codex

OpenTelemetry collectorrich

OpenAI Codex emits OpenTelemetry traces that Vigil’s built-in OTLP collector ingests automatically. This provides structured span data including token usage, model calls, and tool invocations. Combined with filesystem monitoring, Vigil reconstructs a complete timeline of Codex’s actions.

Conductor

Worktree detection + process scanrich

Conductor orchestrates multiple agents across git worktrees. Vigil detects worktree creation and monitors each branch independently, attributing file changes to the correct Conductor-managed agent. Process scanning identifies the parent Conductor process and its child agents for accurate session grouping.

Aider

FS watcher + git monitormoderate

Aider works primarily through git commits, making it straightforward for Vigil to track. The filesystem watcher captures file edits in real time, while the git monitor detects Aider’s characteristic commit patterns to attribute changes and reconstruct session boundaries.

Generic

FS watcher + process detectionuniversal

Any process that modifies files in a watched directory is captured, even if Vigil doesn’t have a specific integration for it. Process detection identifies the program name and PID, while the filesystem watcher records every read and write. This is the L1 Universal Capture layer — it works with everything, automatically.

// architecture

Three Layers

Vigil's architecture is a three–layer stack. Each layer builds on the one below it. L1 works universally with zero configuration. L2 and L3 activate automatically when deeper integrations are available.

L3Trust Intelligence

Confidence + Hallucination + Collision

The highest layer analyzes agent behavior for trustworthiness. It scores session confidence based on read/write ratios and test coverage, detects hallucinated imports and function calls by cross-referencing against the actual codebase, and flags collisions when multiple agents edit overlapping files. This layer turns raw events into actionable judgments.

L2Deep Hooks

Claude Code + Cursor + OTLP

Agent-specific integrations that go beyond filesystem observation. Claude Code’s native hooks API provides prompt context, tool calls, and token counts. Cursor’s extension API surfaces composer sessions and edit metadata. OpenTelemetry collectors ingest structured traces from Codex and other OTLP-emitting agents. Not every agent supports L2 — but those that do give Vigil significantly richer data.

L1Universal Capture

FS events + Git + Process detection

The foundation layer that works with every agent, out of the box. Filesystem watchers (FSEvents on macOS, inotify on Linux) capture every file create, write, and delete. Process scanning identifies which running program owns each change. Git monitoring tracks commits and branch operations. This layer alone provides full visibility — the upper layers add depth.

Data Model

All data lives in a single SQLite database at ~/.vigil/vigil.db. No cloud, no network calls, no external dependencies. Both the CLI and the menu bar app query this file directly.

The schema centers on two core tables:

eventsprimary event stream

Every file operation — reads, writes, creates, deletes — with timestamps, agent attribution, session ID, file path, and optional metadata from L2 hooks. This table grows the fastest and is the source of truth for everything else.

cost_eventstoken usage and cost tracking

Records token usage and estimated costs per agent session. Populated by L2 hooks that capture model, token counts, and pricing data from supported agents.

$ sqlite3 ~/.vigil/vigil.db '.tables'

cost_events events

Menu Bar App

The Vigil menu bar app is a native macOS application built with Tauri v2 and React. It sits in your menu bar and provides a persistent, always–visible window into agent activity without touching the terminal.

The app reads directly from the daemon's SQLite database — same file, same data, no API layer in between. It uses the same dark theme as the CLI output and this documentation site: dark backgrounds, cyan accents, monospace typography.

Key features of the menu bar app:

Live agent status

See which agents are currently active, their session IDs, file counts, and collision state — updated in real time as the daemon processes events.

Collision alerts

Desktop notifications when collisions are detected, with one–click navigation to the affected files and sessions.

Cost dashboard

Running token spend by agent with daily and monthly projections, mirroring the vigil cost command in a visual format.

$ vigil app --version

vigil-app 0.4.1 (tauri 2.1.0, react 19.0.0) backend: ~/.vigil/vigil.db theme: dark