So I built vigilo.
It sits between your AI agent and your system as an MCP server, logging every tool call — file reads, writes, shell commands, git operations — to a local append-only JSONL ledger. For write operations it captures a unified diff. Every event gets a risk level (read/write/exec), timing, git context, model, and token count.
Nothing leaves your machine. No accounts, no telemetry, no cloud. Arguments and results can be encrypted at rest with AES-256-GCM — the key never leaves ~/.vigilo/.
Works with Claude Code and Cursor. Claude Code uses MCP + a PostToolUse hook to capture both MCP tools and built-in tools (Read, Write, Bash, Edit). Cursor uses MCP + cursor.com's API for real per-request token and cost data.
The CLI gives you: - vigilo view — full session history with collapsible events, diffs, costs - vigilo stats — aggregate breakdown by tool, file, model, project - vigilo watch — live tail as events happen - vigilo dashboard — real-time web UI with SSE live feed, time-series charts, session explorer - vigilo cursor-usage — actual billing data pulled from cursor.com
The ledger is plain JSONL, rotates at 10MB, optionally encrypted. You can export to CSV or JSON anytime.
Built in Rust.