Product Roadmap

Full pattern-matching scanner covering tool poisoning, exfiltration, obfuscation, permission abuse, and instruction injection across MCP servers and agent skills.

Code analysis, dependency health, permission safety, behavioral stability, and transparency weighted into a 0-100 trust score.

Automated crawling from npm, Smithery, PyPI, and GitHub. Community reports and trust score lookup.

Detect injection, malware delivery, stealth behavior, and exfiltration in SKILL.md and .mdc files.

Query trust scores and scan servers directly from Claude Code, Cursor, or any MCP client.

Detect RLS misconfigurations, exposed credentials, insecure rules, and missing security headers on Supabase and Firebase projects.

Live 3D visualization of global MCP server activity. WebSocket event stream, threat tracers, and real-time alerting.

Scan MCP servers and agent skills in CI/CD. Block PRs that introduce security regressions.

Export scan results as SARIF for integration with GitHub Code Scanning, VS Code, and other SARIF-compatible tools.

Embeddable trust score badge in 4 variants (standard, compact, wide, badge). Show your server's trust score on any page.

Monitor multiple MCP server deployments from a single dashboard. Concurrent session monitoring, alert routing, and fleet-wide trust scores.

Push scan results and Sentinel alerts to Slack channels and custom webhooks. Pro+ feature.

Write your own detection rules and run them alongside Vigile's built-in patterns. Pro feature.

Verify that agents operating in physical contexts are where they claim to be. Trust-adjusted risk scoring for location-dependent transactions.

Pre-verified security configurations for Supabase, Firebase, MCP servers, and CI pipelines. Community-contributed, Vigile-scanned.