The /vigil Skill

Scan any codebase for EU regulatory compliance issues — directly from your terminal.

What it checks

  • 🔐 PII storage without encryption (GDPR Art. 32)
  • 📋 Logging personal data (GDPR Art. 5)
  • 🌍 Cross-border data transfers (GDPR Art. 46)
  • 🤖 Automated decisions without human review (AI Act Art. 14)
  • 📝 Missing consent mechanisms (GDPR Art. 7)
  • 🗑 No data retention / deletion policy (GDPR Art. 17)
  • 🔑 Hardcoded credentials (Security best practice)
  • 🧠 AI without transparency disclosures (AI Act Art. 52)
  • 📄 Privacy policy gaps (GDPR Art. 13/14)
  • ☁ Non-EU cloud infrastructure (GDPR Art. 46)

What you need

No coding required. You just type one command and Vigil scans your whole project automatically.
⬇ Download SKILL.md

Step-by-step setup

🪟 Windows
🍎 Mac / Linux

Step 1 — Install Claude Code

Open PowerShell (search "PowerShell" in Start menu) and paste:

npm install -g @anthropic-ai/claude-code
Don't have npm? Install Node.js first from nodejs.org (download the LTS version, run the installer, restart PowerShell).

Step 2 — Install the /vigil skill

Still in PowerShell, paste these 3 lines one by one:

mkdir "$env:USERPROFILE\.claude\skills\vigil" -Force
Copy-Item "$env:USERPROFILE\Downloads\SKILL.md" "$env:USERPROFILE\.claude\skills\vigil\SKILL.md"
This assumes you downloaded SKILL.md to your Downloads folder using the button above. If you saved it elsewhere, replace Downloads\SKILL.md with the correct path.

To verify it worked:

cat "$env:USERPROFILE\.claude\skills\vigil\SKILL.md"

You should see the skill file contents.

Step 3 — Go to your project folder

cd C:\path\to\your-project

For example:

cd C:\Users\YourName\Documents\my-app

Step 4 — Run the scan

Start Claude Code:

claude

Wait for it to load, then type:

/vigil

That's it! Vigil will scan your entire project and generate a compliance report with specific findings, file paths, and recommended fixes.

Step 1 — Install Claude Code

Open Terminal (Cmd+Space, type "Terminal") and paste:

npm install -g @anthropic-ai/claude-code
Don't have npm? Install Node.js first: brew install node (if you have Homebrew) or download from nodejs.org.

Step 2 — Install the /vigil skill

Still in Terminal, paste these 2 lines one by one:

mkdir -p ~/.claude/skills/vigil
cp ~/Downloads/SKILL.md ~/.claude/skills/vigil/SKILL.md
This assumes you downloaded SKILL.md to your Downloads folder using the button above. If you saved it elsewhere, replace ~/Downloads/SKILL.md with the correct path.

To verify it worked:

cat ~/.claude/skills/vigil/SKILL.md

You should see the skill file contents.

Step 3 — Go to your project folder

cd /path/to/your-project

For example:

cd ~/Documents/my-app

Step 4 — Run the scan

Start Claude Code:

claude

Wait for it to load, then type:

/vigil

That's it! Vigil will scan your entire project and generate a compliance report with specific findings, file paths, and recommended fixes.

Example: what /vigil finds in a fintech app

Repository: sample-fintech-app  ·  Scanned: 4 source files, 1 document, 1 config  ·  Issues found: 5
CRITICAL

PII logged in plaintext

File: app.py:15 · GDPR Article 5(1)(f)

User email addresses are printed to stdout in plaintext during login.

Fix: Remove PII from logs or use pseudonymization.

CRITICAL

Automated credit scoring without human oversight

File: scoring.py:10 · AI Act Article 14, GDPR Article 22

Credit decisions are fully automated with no human-in-the-loop or appeal mechanism.

Fix: Add human review step for denied applications, implement right to explanation.

CRITICAL

Hardcoded database credentials

File: config.py:6 · NIS2 Art. 21

Production database password stored in source code.

Fix: Use environment variables or a secrets manager.

HIGH

Non-EU data storage

File: config.py:9 · GDPR Article 46

AWS region set to us-east-1 — personal data stored outside EU.

Fix: Migrate to eu-central-1 or implement Standard Contractual Clauses.

HIGH

No transparency disclosure for AI decisions

File: scoring.py:19 · AI Act Article 52

Users are not informed that decisions are made by AI.

Fix: Add clear disclosure that credit scoring uses automated AI processing.

The /vigil skill is open source · Works with any codebase · Powered by Claude