VigilVigil

Open source · Self-hosted · BYOK

AI email triage.
Multi-model pipeline.

Vigil is an open source email agent. Forward emails to it and the agent reads each one, tracks conversation threads, builds persistent memory, and decides what to do. Usually nothing. No inbox access. No stored bodies. Bring your own API key.

ArchitectureHow the agent works →

What it does

Reads email. Remembers context. Acts only when needed.

Reads everything

Every forwarded email gets analyzed: sender, intent, urgency, entities. The body is discarded after processing. Only a SHA-256 hash is retained.

Remembers across emails

The agent writes structured memory after each email. Vendor patterns, deadlines, response habits. BM25 + time-decay retrieval without embeddings.

Acts sparingly

Most emails result in a quiet memory update. The agent fires tools — alerts, webhooks — only when its judgment says something actually requires attention.

Pipeline

Multi-model classification pipeline

A nano model pre-screens every email before full triage, eliminating roughly 40% of LLM spend on clearly ignorable mail. The full triage model only runs when pre-screening deems it necessary.

1. Pre-screen

gpt-4.1-nano classifies urgency. ~$0.0001/email.

2. Context load

Relevant memories retrieved via BM25 + time decay.

3. Full triage

gpt-4.1-mini analyzes, extracts entities, decides.

4. Tool execution

Alert, webhook, thread update — or nothing.

Bring Your Own Key

Your keys. Your models. Your cost.

Vigil is free software. Connect your own OpenAI, Anthropic, or Google API key and pay your provider directly at their published rates. No platform fees, no markup.

Any provider

Bring your own OpenAI, Anthropic, or Google API key. Switch anytime.

Pick per watcher

Nano models for cheap triage, pro models for complex analysis. Mix and match.

No markup

You pay your provider directly at their API rates. Vigil adds nothing.

Encrypted at rest

Keys are stored with AES-256-GCM encryption. Never logged, never exposed.

See model costs per email →

Privacy model

Your email never leaves your provider.

Vigil never connects to your inbox. No OAuth, no passwords, no API tokens to your email account. A standard forwarding rule sends a copy. The email body is processed in memory and discarded. Stop by deleting the forwarding rule.

Privacy policy →Security details →Architecture →

No inbox access

Forwarding rules only

No stored bodies

SHA-256 hash proves receipt

No OAuth

No passwords or API tokens

You control it

Delete the rule to stop

Documentation

Everything is documented.

Watchers

Agents with custom prompts and tools.

The Agent

How it analyzes, remembers, and decides.

Memory System

How context builds across all emails.

Email Setup

Forwarding rules and filter configuration.

Architecture

Data flow, privacy model, what gets stored.

Security

What is discarded. What is kept. Why.

API and Integrations

REST API, webhooks, any framework.

Chrome Extension

Guided setup for Gmail and Outlook.