Signals
Two layers. Six signals. Full verification.
Vigil verifies your PR through two layers. The Trust Verification layer checks claims, detects undocumented changes, scans for credentials, and maps test coverage. The Deep Analysis layer runs contract checking and diff analysis for deeper insight. All six signals are combined into a weighted average score from 0 to 100, giving you a single number that represents merge confidence.
Trust Verification(Free)
Core verification signals that run on every PR, included in the Free tier. These cover the essentials: verifying claims, catching undocumented changes, scanning for leaked credentials, and checking test coverage.
| Signal | Weight | What it measures |
|---|---|---|
| Claims Verifier | 30 | LLM verifies each claim in the PR body against the actual diff |
| Undocumented Changes | 25 | LLM scans the diff for changes not mentioned in the PR body |
| Credential Scan | 20 | Detects hardcoded secrets, API keys, and tokens in the diff |
| Coverage Mapper | 10 | Checks that changed files have corresponding test files |
Deep Analysis(Pro)
Advanced signals available on Pro and Team plans. These provide deeper structural analysis of your code changes.
| Signal | Weight | What it measures |
|---|---|---|
| Contract Checker | 10 | Verifies API/frontend type contracts match across files |
| Diff Analyzer | 5 | LLM analyzes diff for structural and semantic issues |
How Scoring Works
The confidence score is a weighted average of all active signal scores. Each signal contributes proportionally to its weight:
score = sum(signal_score * weight) / sum(weights)
The total weight across all 6 signals is 100. On the Free tier, only the 4 Trust Verification signals run, and their weights are renormalized. Signals that are skipped (e.g., Pro signals on a Free plan) are excluded from the calculation entirely.
Failure Cap
If any deterministic (non-LLM) signal has passed: false, the final score is capped at 70. This means a PR can never reach “Safe to merge” status if a critical, deterministic check has failed. Only Credential Scan and Coverage Mapper can trigger the failure cap. LLM-based signals (Claims Verifier, Undocumented Changes, Contract Checker, Diff Analyzer) do not trigger it.
Signal Details
Explore individual signals in depth:
Trust Verification (Free)
- Claims Verifier — Validates PR claims against the diff
- Undocumented Changes — Detects unreported diff changes
- Credential Scan — Secret detection in diffs
- Coverage Mapper — Test file coverage analysis
Deep Analysis (Pro)
- Contract Checker — API/frontend compatibility verification
- Diff Analyzer — LLM-powered structural diff analysis