Vigil Guard
Vigil GuardEnterprise AI Detection and Response Platform

Build and secure your AI applications

ML models, typed SDKs, and drop-in integrations for Claude Code, n8n, LiteLLM, and custom stacks.

Models, SDKs, and integrations

Every component of Vigil Guard's detection stack, available standalone.

VGE CC-Guard

Safe Claude Code, out of the box

Claude Code can read your .env, run shell commands, edit your repo, and pull untrusted content from the web. CC-Guard intercepts every tool call, screens outputs through Vigil Guard Enterprise (VGE) before Claude sees them, and asks you to decide when something is risky. Your team keeps the productivity of Claude Code without the silent leaks, prompt injections, or accidental writes.

  • Per-tool gate: allow, ask, or block before execution
  • PostTool output analysis through VGE with quarantine and HITL decisions
  • Credential path deny-list (.env, ~/.ssh, AWS, GCP, kube secrets)
  • URL Access Baseline blocks cloud metadata endpoints and unsafe URL shapes
  • Native Claude Code permissions editor (allow, ask, deny tables)
  • Local JSONL audit log, no raw blocked tool output stored

Install

$ npm install -g @vigil-guard/vge-cc-guard

Then run vge-cc-guard install --apply --scope=user to wire it into Claude Code.

VGE CC-Guard terminal UI configurator with Setup, Policy, Observe and System menu sections

VGE PromptGuard v3.2

VGE PromptGuard v3.2 is the production detection model inside Vigil Guard Enterprise, our top-class commercial detector. We keep it closed by design: we do not, and will not, publish its weights, so attackers cannot profile the detector offline and engineer evasions against it. Its open-weight predecessor, VGE PromptGuard v1g, stays public so you can evaluate our detection approach directly.

VGE PromptGuard v1g model card on Hugging Face showing evaluation results and model details
  • Native English and Polish, with code-aware classification of source code and tool output
  • 0.981 F1 on direct prompt injection (open-weight v1g, published benchmark)
  • 97.5% agentic attack detection across tool outputs, API responses, and function returns
  • Sub-1% false positive rate on production-representative benign traffic
  • 2× overall F1 vs the base model on Protect AI's validation set (0.934 vs 0.452)
  • Real-time CPU inference, no GPU required

Python SDK

Official Python SDK for Vigil Guard Enterprise

from vigil_guard import VigilClient
client = VigilClient(api_key="...")
result = await client.guard(prompt)
  • Full API access
  • Async support
  • Type hints & documentation
  • Policy management

LiteLLM Guardrail (official)

Vigil Guard is a built-in guardrail provider in LiteLLM Proxy. Add one block to config.yaml and protect every model behind your gateway. No separate connector to install.

LiteLLM Create guardrail dialog with Vigil Guard selected as the guardrail provider
  • Native vigil_guard provider, shipped inside LiteLLM
  • Configure in config.yaml, no extra repo or build step
  • pre_call and post_call modes: scan prompts and model output
  • ALLOW / SANITIZE / BLOCK based on your policy
  • Inspects tool-call arguments on post-call checks
  • Fail-closed by default, fail_open available per guardrail

n8n Verified Community Node

Verified and available on n8n Cloud and n8n On-Prem since March 21, 2026. Add VigilGuard AI security directly to your workflows from the canvas.

n8n workflow with Vigil Guard input and output guard nodes protecting an AI agent
  • Visual workflow builder
  • Protect AI agents at runtime
  • ALLOW / SANITIZE / BLOCK actions
  • No coding required

You can't secure what you don't see.

AI is already part of your environment. Vigil Guard makes it visible, controllable and safe.