vigolium agent audit --driver=audit: embedded driver that drives theclaudeorcodexCLI under the hood. Up to 12 phases atdeep. No extra install.vigolium agent audit --driver=piolium: Pi-native driver. Up to 17 phases atdeep. Requires thepiruntime and thepioliumextension. Supports any provider Pi supports, including local models.
vigolium agent audit dispatcher can run either harness alone, both side-by-side, or auto-pick based on what is available.

Prerequisites
- A working olium provider (Claude / OpenAI / Codex / local). See Setting Up the Agent.
- For the embedded audit driver, either the
claudeorcodexCLI on$PATH— the embedded harness drives whichever one matches your configured olium provider (anthropic-* → claude, openai-* → codex), or pass--agent claude|codexto override. - For
piolium,pion$PATHpluspi install git:[email protected]:vigolium/piolium.git.
Quick Start, vigolium agent audit
The unified driver, fastest path to a first audit. By default (--driver=auto) it runs the embedded vigolium-audit harness and only falls back to piolium if audit is unavailable.


--source is required, the audit reads code, not network traffic. It accepts a local path, a git URL (cloned shallow by default), or an archive (.zip/.tar.gz/.tar.bz2/.tar.xz).

Audit modes
| Mode | Phases | When to use |
|---|---|---|
lite | 3 | CI/PR gates, routine triage. Quick recon, secrets scan, fast SAST. |
balanced (default) | 9 | Daily regression scans. Adds intelligence, knowledge-base, deep probe, FP review, PoC. |
deep | 12 | Pre-release / compliance audits. Adds commit archaeology, patch bypass, adversarial debate, cold verification, variant hunting. |
revisit | 10 | Second offensive pass on the same code. Reuses prior KB; surfaces findings round one missed. |
confirm / merge | 7 | Boot-and-verify existing findings (confirm) or normalize results from multiple inputs (merge). |
diff | 1 | Incremental audit limited to changes since the last audited commit. |
longshot | 3 | Hail-mary file-by-file hunt (also available as a piolium mode). |
reinvest | 3 | Cross-agent re-verification of CRITICAL/HIGH findings using a different agent platform. Audit-only. |
refresh | varies | Routing convenience: revisit if a prior KB exists, otherwise a fresh deep pass. Audit-only. |
mock | — | Wire-up test, emits sample output without spending tokens. Audit-only. |
smoke | — | Piolium-only smoke test. |
vigolium agent audit --list-modes to print the full mode graph and time estimates for the embedded audit binary.
Multi-round audits and the confirm mode
LLM-driven audits are not deterministic. Two runs of the same balanced audit on the same commit will not produce the exact same finding set, an agent’s reasoning, tool-call ordering, and which insights it chases all vary between runs. On top of that, the agent has no built-in concept of your product, what looks like a privilege escalation in isolation is often a documented feature, an internal admin tool, or a deliberate trust boundary.
The practical workaround is to run the audit in multiple rounds rather than treating a single run as the final word:
- Round 1, broad pass — run
balancedordeepagainst the source. Expect a mix of real bugs, plausible-but-wrong reasoning, and design-intent false positives. - Round 2, revisit — run
--mode revisiton the same source. It reuses round one’s knowledge base and explicitly hunts for what the first pass missed, often surfaces variants and missed sinks without re-reporting the same findings. - Round 3, confirm with intent — run
--mode confirmagainst the priorvigolium-results/directory and feed it the product context the agent couldn’t infer: which endpoints are intentionally public, which “auth bypass” is a documented dev-only flag, which “SSRF” is the metadata-service probe your own infra needs, etc. The agent re-reads each finding against that context, drops the design-intent false positives, and locks in what’s left.

audit-intent.md is a free-form note you write describing what’s a feature vs a bug for this codebase. A useful skeleton:
Piolium, the Pi-native alternative
piolium runs the same multi-phase audit through the Pi coding-agent runtime instead of Claude/Codex. Use it when:
- You’re on an OpenAI key (GPT-5.x, Codex) and want quality comparable to a Claude-Opus run.
- You’re using Gemini or another Vertex/Bedrock-hosted non-Anthropic model.
- You want to swap providers (
--pi-provider/--pi-model) without changing the pipeline. - You need
longshotmode, file-by-file hail-mary hunting (piolium only).
--plm-* passthroughs.
Running both, --driver=both
vigolium agent audit is the unified dispatcher. By default (--driver=auto) it runs the embedded audit harness and only falls back to piolium if audit is unavailable. Pass --driver=both to run audit and piolium back-to-back against the same source tree under one parent AgenticScan, with per-driver child rows and a post-pass project-wide findings dedup.

--driver=auto or --driver=both, mode must be in the shared set (lite / balanced / deep / revisit / confirm / merge). Driver-specific modes (longshot / smoke for piolium; mock / reinvest / refresh for audit) require --driver=piolium or --driver=audit.
Where findings go
Findings land in the samefindings table as the rest of Vigolium, tagged by source:
Raw output in the source tree, --keep-raw / --clean-raw
During a run vigolium-audit writes its working output (raw scanner output, draft findings, intermediate workspaces) to <source>/vigolium-results/, and vigolium syncs a copy into the session directory above.
--keep-rawis on by default — the<source>/vigolium-results/copy is retained after the run so you can review it or re-import it. (Audit leg only; no effect on piolium.)--clean-rawremoves<source>/vigolium-results/from the source tree after the run. The session-directory copy is always kept either way.--keep-rawand--clean-rawtogether is an error.
The REST
keep_raw default is unchanged (off) — this default flip is CLI-only.One-shot report, -S / --stateless
-S/--stateless runs the entire audit against a throwaway temporary database (your main DB is left untouched, mirroring vigolium scan -S) and, when it finishes, auto-renders a self-contained HTML report from the run’s findings — no separate vigolium import step.
vigolium-result/vigolium-audit-report.html by default; -o/--output overrides it and supports gs://<project>/<key> upload and the {ts} timestamp placeholder. -S cannot be combined with --interactive.
Without
-S, findings persist to your database as usual; build a report afterward with vigolium import <results-dir> --format html -o report.html or vigolium export.Bundle report + raw results, --output-dir
--output-dir <dir> (stateless-only) collects a -S run’s artifacts into one folder: the HTML report (as <dir>/vigolium-audit-report.html) and a copy of the raw vigolium-results/ tree(s). One driver lands flat at <dir>/vigolium-results/; multiple drivers are namespaced under <dir>/<driver>/vigolium-results/. The source-tree copy is left in place (per --keep-raw).
-o/--output nests under <dir>; an absolute path or gs:// URL escapes it. Both {ts} and {project-uuid} expand in <dir>. Running -S without --output-dir warns that raw output stays under <source>/vigolium-results/; passing --output-dir without -S is ignored with a warning.
In-pipeline audit (alongside autopilot / swarm)
When you pair--source with vigolium agent autopilot or vigolium agent swarm, vigolium-audit (or piolium, when locally available) runs first, its findings feed into the operator’s frozen context bundle before the autonomous scan starts.
Next steps
- Agent Mode, full reference for every
vigolium agentsubcommand. - Setting Up the Agent, provider/credential setup.
- Agentic Scanning, autopilot and swarm modes.
