vigil
Provides safety guardrails for AI agents, validating tool calls to prevent destructive actions and enhance security.
Install this skill
or
0/100
Security score
The vigil skill was audited on Feb 16, 2026 and we found 9 security issues across 4 threat categories, including 3 critical. Review the findings below before installing.
Categories Tested
Security Issues
critical line 46
Eval function call - arbitrary code execution
SourceSKILL.md
| 46 | - Encoding attacks (base64 decode, eval(atob())) → BLOCK |
critical line 44
Access to /etc/shadow
SourceSKILL.md
| 44 | - Path traversal (../../../etc/shadow) → BLOCK |
high line 44
Path traversal pattern
SourceSKILL.md
| 44 | - Path traversal (../../../etc/shadow) → BLOCK |
critical line 42
Access to SSH directory
SourceSKILL.md
| 42 | - Data exfiltration (curl to external, .ssh/id_rsa access) → BLOCK |
medium line 46
Base64 decode operation
SourceSKILL.md
| 46 | - Encoding attacks (base64 decode, eval(atob())) → BLOCK |
medium line 46
Base64 decode via atob()
SourceSKILL.md
| 46 | - Encoding attacks (base64 decode, eval(atob())) → BLOCK |
low line 19
External URL reference
SourceSKILL.md
| 19 | - **npm:** https://www.npmjs.com/package/vigil-agent-safety |
low line 102
External URL reference
SourceSKILL.md
| 102 | - npm: https://www.npmjs.com/package/vigil-agent-safety |
low line 103
External URL reference
SourceSKILL.md
| 103 | - Docs: https://hexitlabs.com/vigil |
Scanned on Feb 16, 2026
View Security Dashboard