claudeers.

🔓 unclaimed — this page was auto-generated from GitHub. Are you the creator?

Claim this page →
// Claude Plugins

Vigilo

An AI hacker for Web3 Smart Contract. for bug bounties, Audit contest, offensive security research, and real-world exploit thinking.

Dormant
63/100
last commit 5 months ago
last release 5 months ago
releases 3
open issues 0
// install
git clone https://github.com/PurpleAILAB/Vigilo

Vigilo

Vigilo

Web3 Smart Contract Security Auditing Agent

From Latin vigilo — "I watch, I guard." An autonomous security legion inspired by the command structure of the Roman army, watching over your smart contracts to find vulnerabilities before attackers do.


What is Vigilo?

Vigilo is an autonomous security legion for smart contract auditing, inspired by the command structure of the Roman army. It runs inside OpenCode, deploying specialized agents in parallel to find vulnerabilities and generate validated PoCs.

The Legion

AgentMission
VigiloOrchestrates the full audit pipeline
QuaestorPre-audit interview & scope planning
ExploratorCode reconnaissance — maps structure and flows
SpeculatorDocumentation intel — extracts design and invariants
Centuriones8 specialist auditors deployed by protocol type

Vigilo running in OpenCode

Proven in the Wild

Real vulnerabilities found by Vigilo in live audit contests.

All I did was specify the target project and submit the report. Vigilo did the rest.

Cantina High Severity Finding

Cantina — Ceiling Rounding Accumulation (High, Accepted)
View full report


Installation

OpenCode

Paste this into your LLM agent session:

Install and configure vigilo by following the instructions here:
https://raw.githubusercontent.com/PurpleAILAB/Vigilo/main/packages/opencode/docs/installation.md

Manual Install

bunx vigilo install

Claude Code

/plugin marketplace add PurpleAILAB/Vigilo
/plugin install vigilo@Vigilo

See the full Installation Guide for more options.

Uninstallation

  1. Remove the plugin from your OpenCode config:
# Edit ~/.config/opencode/opencode.json and remove "vigilo" from the plugin array
  1. Remove configuration files:
rm -f ~/.config/opencode/vigilo.json
  1. Verify removal:
opencode --version

Features

  • Automated Audit Workflow: Scope → Recon (Exploratores) → Deep Analysis (Centuriones) → PoC → Report
  • Specialized Auditors: Reentrancy, Oracle, Access Control, Flashloan, Logic, DeFi, Token, Cross-Chain
  • Multi-Language Support: Solidity, Vyper, Cairo, Rust
  • Foundry Integration: forge build, forge test, forge coverage
  • LSP Integration: Goto-definition, references, diagnostics
  • Parallel Analysis: Multiple auditors running concurrently
  • PoC Validation: Auto-generate and validate Foundry tests

Usage

cd my-solidity-project
opencode

# Start audit
/audit

# Generate PoC
/poc .vigilo/findings/high/H-01-reentrancy.md

Directory Structure

.vigilo/
├── recon/           # Explorator & Speculator outputs
├── findings/        # Vulnerability findings
│   ├── high/
│   └── medium/
├── poc/             # PoC validation logs
└── reports/         # Final reports

Platforms

PlatformPackageStatus
OpenCodepackages/opencodeRecommended
Claude Codepackages/claudeStable

Why OpenCode? More flexibility with model selection, better plugin extensibility, and cost-effective auditing with configurable models per auditor.


Benchmarking

Measure Vigilo's audit accuracy against verified security reports from Code4rena, Sherlock, and Cantina.

# Run full benchmark pipeline
bunx vigilo-bench sherlock_cork-protocol_2025_01 -w -v

Pipeline: checkout → audit → score → report

See packages/bench for full documentation.


Troubleshooting

bunx vigilo doctor
bunx vigilo doctor --verbose
IssueSolution
OpenCode not foundInstall from https://github.com/anomalyco/opencode
Foundry not foundcurl -L https://foundry.paradigm.xyz | bash && foundryup
Vigilo not registeredRun bunx vigilo install again

Development

For contributors working on Vigilo itself.

Setup

git clone https://github.com/PurpleAILAB/Vigilo.git
cd vigilo/packages/opencode
bun install
bun link

Development Mode

  1. Configure local plugin path in ~/.config/opencode/opencode.json:
{
  "plugin": [
    "D:/path/to/vigilo/packages/opencode"
  ]
}
  1. Run watch mode:
bun run dev
  1. Restart OpenCode to load changes.

Quick Commands

TaskCommand
Buildbun run build
Watch modebun run dev
Test CLIbun src/cli/index.ts install
Run doctorbun src/cli/index.ts doctor --verbose

Restore Production Mode

bunx vigilo install

This resets the plugin path to vigilo@latest.


License

Business Source License 1.1

  • Non-production use: Free
  • Production use: Requires commercial license
  • Change Date: 2029-01-21 (converts to Apache-2.0)

Commercial licensing: [email protected]


Ready to hunt bugs? 🔍

Get Started · Report Bug · Request Feature

// compatibility

Platformscli, api
Operating systems
AI compatibilityclaude
LicenseNOASSERTION
Pricingopen-source
LanguageTypeScript

// faq

What is Vigilo?

An AI hacker for Web3 Smart Contract. for bug bounties, Audit contest, offensive security research, and real-world exploit thinking.. It is open-source on GitHub.

Is Vigilo free to use?

Vigilo is open-source under the NOASSERTION license, so it is free to use.

What category does Vigilo belong to?

Vigilo is listed under plugins in the Claudeers registry of Claude-compatible tools.

0 views
52 stars
unclaimed
updated 15 days ago

// embed badge

Vigilo on Claudeers
[![Claudeers](https://claudeers.com/api/badge/vigilo.svg)](https://claudeers.com/vigilo)

// retro hit counter

Vigilo hit counter
[![Hits](https://claudeers.com/api/counter/vigilo.svg)](https://claudeers.com/vigilo)

// reviews

// guestbook

0/500

// related in Claude Plugins

🔓

A single CLAUDE.md file to improve Claude Code behavior, derived from Andrej Karpathy's observations on LLM coding pitfalls.

// pluginsmultica-ai/187,223[ claude ]
🔓

Claude Code is an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explainin…

// pluginsanthropics/Python135,848[ claude ]
🔓

"CLI-Anything: Making ALL Software Agent-Native" -- CLI-Hub: https://clianything.cc/

// pluginsHKUDS/Python44,672Apache-2.0[ claude ]
🔓

financial-services — a Claude ecosystem project on GitHub.

// pluginsanthropics/Python33,266Apache-2.0[ claude ]
Ecosystem hubone of the most connected projects in the claude ecosystem · 29 connections
→ see how Vigilo connects across the ecosystem