API reference · Integration engineers and API documentation readers
Vigil · v0.6+ HTTP · localhost:18820 Reference

Governance HTTP API

Vigil exposes a localhost HTTP server (the daemon) that evaluates tool calls and streams governance state to Light Station. This reference documents request/response shapes and fail-closed semantics.

Canonical source: API_CONTRACT.md ↗ · Vigil INTEGRATION_PROTOCOL.md

Overview

OpenClaw plugin / demo agent
        │  POST /evaluate
        ▼
Vigil daemon (127.0.0.1:18820)
        │  allow | deny | escalate | reject
        ▼
Light Station (proxies observability endpoints)

Two endpoint families: enforcement (/evaluate, /health) and observability (state, queue, audit, SSE) consumed by Light Station.

Auth and base URL

SettingDefaultEnv var
Vigil base URLhttp://127.0.0.1:18820VIGIL_BASE_URL
AuthNone (localhost)Optional Authorization: Bearer <VIGIL_API_KEY>
Binding127.0.0.1 onlyNo remote access in v0.6

Legacy CLAWLAW_* env aliases supported; VIGIL_* takes precedence.

POST /evaluate

Evaluate an OpenClaw tool call against governance policy. Called before each tool execution.

Request body

{
  "tool": "write",
  "parameters": { "path": "/workspace/test.txt", "content": "hello" },
  "agent_id": "openclaw-main"
}
FieldTypeRequiredDescription
toolstringyesOpenClaw tool name
parametersobjectyesTool parameters (heterogeneous JSON)
agent_idstringnoAgent identifier (default: openclaw)

Response 200

{
  "decision": "allow",
  "rationale": "Budget OK: 100/10000 tokens (1%)",
  "approval_id": null,
  "trace_summary": "Vigil: 6 laws evaluated — ..."
}
decisionMeaning
allowTool call may proceed
denyBlocked by governance law (e.g. outside sandbox)
escalateRequires Principal approval (shell, deletion)
rejectGovernance allowed but budget insufficient

Observability endpoints

Consumed by Light Station. All return JSON unless noted.

MethodPathResponsePurpose
GET/healthstatus and version fieldsConnectivity check
GET/governance/stateGovernanceStateEnforcement level, budget, queue depth
GET/governance/configconfig objectJurisdiction, law list, version
GET/queuePendingApproval[]HOLD items awaiting Principal
POST/queue/:id/approveAuditEntryBody: optional reason string
POST/queue/:id/rejectAuditEntryBody: required reason string
GET/audit?limit&offsetAuditEntry[]Hash-chained decision log
GET/audit/:idAuditEntry | nullSingle entry
POST/budget/increaseAuditEntryBody: amount and reason
POST/budget/resetAuditEntryBody: reason
GET/agentsAgentStatus[]Agent roster
GET/agents/:idAgentStatus | nullSingle agent
POST/sprint/authorizeAuditEntryBody: ticketId, sprintId — audit only

GET /governance/state example

{
  "enforcementLevel": "Normal",
  "budgetUsedPercent": 42,
  "budgetTotal": 100000,
  "budgetUsed": 42000,
  "agentsRunning": 1,
  "queueDepth": 0,
  "eventsPerMinute": 8,
  "connectedAt": "2026-07-01T12:00:00.000Z"
}

Verdict mapping (Vigil → Light Station)

Vigil decisionLight Station verdict
allowALLOW
deny, rejectDENY
escalateHOLD

GET /events (SSE)

Accept: text/event-stream — real-time governance events for Lookout.

Each event is a single data: line containing GovernanceEvent JSON:

{
  "id": "uuid",
  "type": "file_write",
  "verdict": "ALLOW",
  "lawNumber": null,
  "agentId": "openclaw-main",
  "summary": "ALLOW file_write",
  "detail": "Budget OK: ...",
  "timestamp": "2026-07-01T12:00:00.000Z"
}

Fail-closed semantics

OpenClaw plugin behavior (client-side): connection refused, timeout (5s), non-200, or any network error → block the tool call. Fail-closed is enforced in the client, not only the server.

Mock path: VIGIL_MOCK=true uses the mock client for offline dev and CI. Do not remove — P0 invariant.

Error responses (/evaluate)

StatusBodyCause
400Invalid request body error JSONMalformed JSON
404Not found error JSONWrong path
405Method not allowed error JSONWrong HTTP method
500Internal server error JSONServer failure
502Vigil unreachable error JSONLight Station proxy when upstream down