SECURITY OVERVIEW

Local-first automation with a narrow support path.

The Vigil workflow runs on the customer machine. Source spreadsheets, generated PDFs, customer names, bank rows, and mailbox credentials stay local by default. Assisted handoff produces receipts for exploration, install, dry run, readiness, activation, progress, and support.

ASK ABOUT SECURITY VIEW THE PILOT OFFER

No hosted account area in the pilot workflow.

// SUPPORT EVIDENCE

What support sees by default

The support bundle is meant to prove operational state without exposing the customer records that caused the work.

Health checks

Doctor checks, status summaries, version, platform, configured folder paths, and release posture.

Operational counts

Dead-letter counts, log counts, archive counts, impact counts, and run-state summaries.

Redacted identifiers

Non-reversible fingerprints may identify repeated files or cases without including the source data itself.

Included in default support evidence

  • Install and readiness receipts.
  • Version, platform, and configured local folder checks.
  • Status, doctor, dead-letter, log, archive, and impact counts.
  • Redacted case metadata and non-reversible fingerprints.

Excluded by default

  • Raw invoices, generated PDFs, emails, and line items.
  • Customer names, full customer lists, and bank rows.
  • SMTP passwords, OAuth tokens, and mailbox credentials.
  • Source spreadsheets unless the customer explicitly sends one for review.
LOCAL CONTROLS

Controlled exports require customer intent

Dataset exports are not the default support path. When a customer chooses to create one, the export is explicit and should contain operational event metadata only, not raw financial records.

  • Secrets stay in the OS keychain

    Where supported, mailbox credentials are stored by the operating system rather than in plain text.

  • Dashboard binds to localhost

    The operator dashboard is meant for the local machine by default, not the public internet.

  • Security scans and SBOM in release

    Release checks include security scanning and a software bill of materials for installed packages.

  • Human approval remains the boundary

    Support diagnostics help the operator. They do not send customer-visible messages or change workflows alone.

Review security before the first workflow

Vigil starts with the local-first model, redacted support evidence, and a narrow pilot. Security questions should be answered before deployment day.

ASK ABOUT SECURITY VIEW THE PILOT OFFER