Add vigil: Onchain security scanner for DeFi on Base #89873

Closed
vigilcodes wants to merge 1 commit into openclaw:main from vigilcodes:add-vigil-skill

Conversation

@vigilcodes


Summary

Adds VIGIL — an onchain security scanner skill for DeFi traders on Base.

What it does

5 security tools via MCP:

  • Approval Scanner — flag unlimited allowances
  • Token Scanner — rugpull indicators (hidden mint, proxy, tax, blacklist)
  • Honeypot Detector — simulate buy/sell
  • Safety Score — 0-100 contract rating
  • Wallet Report — full security assessment

Live

Integration

Already live in Aeon autonomous agent stack. Any MCP-compatible client can call these tools via JSON-RPC.

openclaw-barnacle Bot added labels Jun 3, 2026: size: S; triage: low-signal-docs (Candidate: docs-only change looks low signal; maintainer review needed); triage: needs-real-behavior-proof (Candidate: external PR needs after-fix proof from a real setup).
clawsweeper Bot (Contributor) commented Jun 3, 2026

Thanks for the idea. I checked the current extension path, and this is a better fit for ClawHub.com than OpenClaw core.

Close: this is a skill-only addition for an external DeFi/MCP service, and OpenClaw's current direction routes new skills and optional MCP surfaces through ClawHub or existing registries rather than bundling them in core.

So I’m closing this as a scope-fit item for the plugin/community path. Please upload or publish it through ClawHub.com so it can live as an installable community skill instead of a bundled OpenClaw core change.

Review details

Best possible solution:

Keep OpenClaw core unchanged and have VIGIL publish the skill or bundle through ClawHub, or document direct openclaw mcp add setup if that hosted endpoint supports OpenClaw's MCP client registry.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this is a skill publication PR, not a bug report. The diff and PR body are enough to classify the requested capability and distribution surface.

Is this the best way to solve the issue?

No; adding a new third-party VIGIL skill directly to core is not the best path because ClawHub and the existing MCP registry already support external skills/MCP servers without a missing core API.

Security review:

Security review needs attention: The diff would promote a hosted third-party scanner endpoint in core without ClawHub provenance/security review.

  • [medium] Route hosted scanner through ClawHub review — skills/vigil/SKILL.md:31
    Bundling this skill would direct users' wallet or contract scans to https://mcp.vigil.codes from OpenClaw's core skill set; ClawHub is the intended place for third-party skill provenance, ownership, and security checks.
    Confidence: 0.86

AGENTS.md: found and applied where relevant.

What I checked:

  • PR diff: The submitted patch adds only skills/vigil/SKILL.md, a 93-line skill file with VIGIL tool descriptions and curl calls to https://mcp.vigil.codes. (skills/vigil/SKILL.md:1, 5646ae672b29)
  • Core direction: VISION.md says optional capability should usually ship as plugins, bundle-style plugins can package skills/MCP servers, and new skills should be published through ClawHub first rather than added to core by default. (VISION.md:90, 38f1db6d67f0)
  • Skill install path: The public skills docs already identify ClawHub as the public skills registry and describe install, update, verify, and scan behavior for ClawHub skills. Public docs: docs/tools/skills.md. (docs/tools/skills.md:142, 38f1db6d67f0)
  • Skill publishing path: The ClawHub publishing docs say skills are published from a skill folder and that ClawHub validates owner permissions, metadata, and security checks before normal availability. Public docs: docs/clawhub/publishing.md. (docs/clawhub/publishing.md:24, 38f1db6d67f0)
  • Existing MCP surface: The MCP docs already support saving third-party HTTP MCP servers with openclaw mcp add/set, including --url and --transport streamable-http, so this PR does not show a missing core MCP API. Public docs: docs/cli/mcp.md. (docs/cli/mcp.md:30, 38f1db6d67f0)
  • Canonical search: Local and GitHub searches found no narrower OpenClaw core issue or PR for VIGIL beyond this PR; the linked external VIGIL service/repository is the right external implementation context.

Likely related people:

  • @vincentkoc: Git blame and path history tie the current VISION, skills CLI, and ClawHub routing guidance used for this decision to commit a7c8b2a46ae56578637f58e8a755065c6d5379aa. (role: recent area contributor; confidence: high; commits: a7c8b2a46ae5; files: VISION.md, docs/tools/skills.md, src/cli/skills-cli.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 38f1db6d67f0.

clawsweeper Bot added labels Jun 3, 2026: rating: 🧂 unranked krab (Not merge-ready due to missing proof or serious correctness/safety concerns); status: 📣 needs proof (The PR needs real behavior proof before ClawSweeper can clear the contributor ask); P3 (Low-priority cleanup, docs, polish, ergonomics, or speculative work); merge-risk: 🚨 security-boundary 🚨 (May affect sandboxing, authorization, credentials, or sensitive data).
vigilcodes (Author) commented:

Update: the same VIGIL skill was just merged into the Aeon agent framework after a 3-round technical review by @aaronjmars (aaronjmars/aeon#323).

The reviewed-and-merged SKILL.md addresses several issues that may also apply here:

  • Strict input validation (^0x[0-9a-f]{40}$ allowlist) — closes shell-injection via ${var}
  • Helper that fails loudly on non-200 / JSON-RPC error bodies instead of passing null to jq
  • Uses the advertised vigil_* prefixed tool names from /tools/list
  • HTTPS endpoint (https://mcp.vigil.codes) — no raw IPs, no plaintext

The MCP server itself has also expanded since this PR was opened: 10 read-only tools now (added vigil_token_market, vigil_deployer_check, vigil_batch_scan, vigil_check_scam, vigil_monitor_wallet) and an autonomous Sentinel loop. Primary verdict source is now GoPlus Security (keyless).

If it helps, I can sync the merged Aeon version of SKILL.md here as well — happy to push an update on this branch. Just let me know what works for the OpenClaw skills format.
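As an added illustration (not code from this PR, from VIGIL, or from OpenClaw), the following Python client shows the three hardening points the comment above lists in one working call path: the `^0x[0-9a-f]{40}$` allowlist applied before an address reaches any command line or request body, a response helper that fails loudly on non-200 status codes and JSON-RPC error bodies instead of letting a missing key turn into `null`, and calling only tool names the server advertised via `tools/list`. `tools/list` and `tools/call` are the standard MCP method names; `vigil_check_scam` and `vigil_token_market` are tool names taken from this thread, but their argument and result shapes, the fake transport standing in for https://mcp.vigil.codes, and the `GOOD`/`BROKEN` addresses are all constructed for the example.

```python
import json
import re

# Allowlist from the comment: "0x" plus exactly 40 lower-case hex chars. Mixed-case
# checksummed addresses, ENS names and shell metacharacters are all rejected here,
# before the value can reach a curl command line or a JSON body.
ADDRESS_RE = re.compile(r"^0x[0-9a-f]{40}$")

class McpCallError(Exception):
    """Raised for HTTP, framing and JSON-RPC error responses."""

def validate_address(addr: str) -> str:
    if not ADDRESS_RE.fullmatch(addr):
        raise ValueError(f"refusing address {addr!r}: must match ^0x[0-9a-f]{{40}}$")
    return addr

def parse_response(status: int, body: str, expected_id: int) -> dict:
    """Fail loudly on anything but a well-formed success result, rather than piping
    an empty or error body into jq, where a missing key silently becomes null."""
    if status != 200:
        raise McpCallError(f"HTTP {status}: {body[:200]!r}")
    try:
        msg = json.loads(body)
    except json.JSONDecodeError as exc:
        raise McpCallError(f"non-JSON body: {exc}") from exc
    if not isinstance(msg, dict) or msg.get("jsonrpc") != "2.0" or msg.get("id") != expected_id:
        raise McpCallError(f"response does not match request id {expected_id}: {body[:200]!r}")
    if "error" in msg:
        err = msg["error"] or {}
        raise McpCallError(f"JSON-RPC error {err.get('code')}: {err.get('message')}")
    if "result" not in msg:
        raise McpCallError("response carries neither result nor error")
    return msg["result"]

class McpClient:
    """Minimal MCP client; transport is a callable taking a request dict and
    returning (http_status, body_text), so it can be a real HTTP call or a fake."""

    def __init__(self, transport):
        self._transport = transport
        self._next_id = 0
        self._tools = None

    def _call(self, method: str, params: dict) -> dict:
        self._next_id += 1
        req = {"jsonrpc": "2.0", "id": self._next_id, "method": method, "params": params}
        status, body = self._transport(req)
        return parse_response(status, body, self._next_id)

    def list_tools(self) -> set:
        # tools/list is MCP's discovery method; cache the advertised names.
        self._tools = {t["name"] for t in self._call("tools/list", {}).get("tools", [])}
        return self._tools

    def call_tool(self, name: str, arguments: dict) -> dict:
        if self._tools is None:
            self.list_tools()
        if name not in self._tools:  # only call names the server advertised (vigil_*)
            raise McpCallError(f"tool {name!r} not advertised; available: {sorted(self._tools)}")
        return self._call("tools/call", {"name": name, "arguments": arguments})

def check_scam(client: McpClient, address: str) -> dict:
    # vigil_check_scam is named in the thread; its argument and result shapes are assumed.
    result = client.call_tool("vigil_check_scam", {"address": validate_address(address)})
    return json.loads(result["content"][0]["text"])

def outcome(fn, *args):
    """Return the call's result, or the exception it raised when it failed loudly."""
    try:
        return fn(*args)
    except (ValueError, McpCallError) as exc:
        return exc

# Constructed fake server standing in for https://mcp.vigil.codes, so this runs offline.
GOOD = "0x" + "ab" * 20
BROKEN = "0x" + "ff" * 20  # constructed: the fake server answers this address with HTTP 502

def fake_vigil_transport(request: dict):
    rid, method, params = request["id"], request["method"], request["params"]

    def ok(result):
        return 200, json.dumps({"jsonrpc": "2.0", "id": rid, "result": result})

    def err(code, text):
        return 200, json.dumps({"jsonrpc": "2.0", "id": rid, "error": {"code": code, "message": text}})

    if method == "tools/list":
        return ok({"tools": [{"name": "vigil_check_scam"}, {"name": "vigil_token_market"}]})
    if method == "tools/call" and params["name"] == "vigil_check_scam":
        addr = params["arguments"].get("address", "")
        if addr == BROKEN:
            return 502, "Bad Gateway"
        if not ADDRESS_RE.fullmatch(addr):
            return err(-32602, "invalid address")  # server-side check, independent of the client's
        verdict = {"address": addr, "is_scam": False, "score": 87}
        return ok({"content": [{"type": "text", "text": json.dumps(verdict)}]})
    return err(-32601, "method not found")
```

With `McpClient(fake_vigil_transport)`, `check_scam(client, GOOD)` returns the parsed verdict, while a checksummed (mixed-case) address, a valid address with `; id` appended, an ENS name, an unadvertised tool name, an HTTP 502, a JSON-RPC `error` body and an empty body each surface as a raised `ValueError` or `McpCallError` rather than as a `null` field downstream. Swapping the fake transport for a real one is a matter of returning `(resp.status_code, resp.text)` from an HTTPS POST to the endpoint; the validation and response checks stay the same.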

vigilcodes (Author) commented:

Understood — thanks for the routing. I'll publish VIGIL as an installable community skill via ClawHub rather than a core change.

For context, the same skill was merged into the Aeon framework after a 3-round security review (aaronjmars/aeon#323), so the SKILL.md here is already hardened: strict ^0x[0-9a-f]{40}$ input validation, loud error handling on non-200 / JSON-RPC error bodies, and an HTTPS-only endpoint (https://mcp.vigil.codes).

Moving to ClawHub as suggested. Appreciate the pointer 🙏

vigilcodes closed this Jun 6, 2026