Sardis Cards
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent payment-card integration, but it gives an agent high-impact financial powers and access to full card details without visible approval or scoping guardrails.
Install only if you trust the Sardis provider and intend to let an agent handle payment-card operations. Use a tightly scoped API key, hard account spending limits, merchant allowlists, and manual confirmation for issuing cards, revealing card details, unfreezing cards, raising limits, or deleting cards.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent with the API key could create or manage payment cards and affect real-world spending if misprompted or used too broadly.
The skill is designed for model-invoked real-world financial card issuance and management, but the visible instructions do not require human approval for high-impact actions.
description: Virtual card issuance and management for AI agents to make real-world purchases ... disable-model-invocation: false ... curl -X POST https://api.sardis.sh/v2/cards
Require explicit user approval for card issuance, card reveal, unfreeze, spending-limit increases, and termination; use hard account-level spending caps and merchant allowlists.
Misuse or leakage of the API key could expose card numbers/CVV and allow control over virtual cards.
A single bearer credential is used for sensitive card operations, including revealing full card details, and the artifact does not describe least-privilege scopes or separate approval boundaries.
export SARDIS_API_KEY=sk_your_key_here ... Authorization: Bearer $SARDIS_API_KEY ... /cards/{card_id}/reveal ... "number": "4111111111111111", "cvv": "123"
Use the lowest-privilege Sardis key available, separate reveal/write permissions if the provider supports it, rotate keys regularly, and keep the key out of chat transcripts and logs.
Full card numbers and CVV values could end up in agent context, terminal output, or logs if not carefully redacted.
The skill expects full payment-card details to be returned into the agent workflow; it warns against logging or displaying them, but users still need to ensure context and log retention are controlled.
# Get full card details for use (SENSITIVE - log carefully) ... "number": "4111111111111111", "cvv": "123" ... # WARNING: Never log or display this response
Reveal card details only when necessary, avoid storing them in memory or transcripts, and configure redaction/no-retention controls for command output.
If the install frontmatter is honored by an installer, an external package may be installed outside the reviewed artifact set.
The SKILL.md metadata references an external npm package even though the supplied registry context says there is no install spec and no code files were reviewed.
install:
  npm:
    - "@sardis/sdk"
Verify whether @sardis/sdk will be installed, pin and review the package if needed, and avoid enabling unreviewed dependencies for a financial workflow.
