Sardis Cards

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

This skill is openly about virtual payment cards, but it gives an agent high-impact financial powers without clear approval, scope, or reversibility boundaries.

Install only if you intentionally want an agent to manage virtual payment cards. Use a tightly scoped Sardis API key, enforce external spending limits and merchant allowlists, require human approval for issuing/revealing/changing/deleting cards, and keep card numbers, CVVs, and transaction logs out of agent-visible history.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the API key is available, an agent could create or alter payment-card capabilities and close cards, potentially affecting real money or business operations.

Why it was flagged

The skill gives the agent direct API workflows for issuing cards and permanently closing them. These are real financial/account mutations, and the visible instructions do not clearly require user approval before execution.

Skill content
Issue virtual cards for AI agents to make real-world purchases ...
curl -X POST https://api.sardis.sh/v2/cards ...
curl -X DELETE https://api.sardis.sh/v2/cards/{card_id}
Recommendation

Require explicit user confirmation for card issuance, card reveal, limit changes, unfreeze, and termination; set hard maximum spend limits and merchant/category allowlists outside the agent.

What this means

A broadly privileged API key could let the agent manage payment cards and access card details beyond what a user intended for a specific task.

Why it was flagged

The required API key is used for delegated financial card management, including sensitive card-number retrieval. The artifacts do not describe narrower key scopes, per-agent permissions, or approval boundaries.

Skill content
requires:
  env:
    - SARDIS_API_KEY
... Authorization: Bearer $SARDIS_API_KEY ...
Retrieve Card Number (Sensitive)
Recommendation

Use a least-privileged Sardis key, restrict it to specific agents/cards where possible, rotate it regularly, and avoid giving this skill access to production payment authority unless necessary.

What this means

Transaction history or card-management activity could appear in agent logs or retained context if logging is not carefully configured.

Why it was flagged

The skill explicitly calls for logging financial card activity. It warns against full card-number logging, but does not specify retention, redaction of transaction details, or where logs are stored.

Skill content
ALWAYS log card creation and transactions ...
NEVER expose full card numbers in logs or responses
Recommendation

Log only minimal, redacted card metadata; exclude PAN/CVV and sensitive merchant details; define retention limits and access controls for logs.

What this means

If a user installs the referenced SDK, they would be trusting external package code that was not included in this artifact review.

Why it was flagged

The skill metadata references an external npm package, but the provided review context contains no code or pinned package version.

Skill content
install:
  npm:
    - "@sardis/sdk"
Recommendation

Pin the SDK version, verify package provenance, and review the dependency before installing it in an environment with payment-card credentials.