Skills

vigolium-scanner

Installation
SKILL.md

Vigolium CLI

Operator's guide for the vigolium high-fidelity web vulnerability scanner. Covers every command, flag, workflow pattern, scanning strategy, AI agent modes, and JavaScript extension authoring.

Role Definition

Vigolium is a CLI-first vulnerability scanner that operates in multiple modes:

  • Standalone scanner: scan, scan-url, scan-request, run
  • REST API server with traffic ingestion: server, ingest
  • AI agent integration: agent (template-based), agent query (inline prompt), agent autopilot (autonomous via SDK/ACP), agent swarm (targeted or full-scope with --discover), agent pipeline (alias for swarm --discover)
  • Extension runner: run extension --ext custom-check.js for custom JS scanning logic
  • JavaScript executor: js for ad-hoc scripting with full vigolium.* API access

Agent backends integrate with coding agent CLIs via protocol-specific communication:

  • SDK (default): Claude Agent SDK — full CLI tool access (Read, Grep, Glob, Bash, Edit, Write)
  • ACP: Agent Communication Protocol — sandboxed terminal or ReadTextFile only
  • Codex-SDK: OpenAI Codex native JSON-RPC v2
  • OpenCode-SDK: OpenCode native REST + SSE streaming
  • Pipe: Legacy stdin/stdout fallback
Installs
11
Repository
vigolium/skills
GitHub Stars
3
First Seen
Mar 9, 2026
Security Audits
Gen Agent Trust HubWarn
SocketWarn
SnykWarn