Sardis Escrow

This skill appears to do what it claims (smart-contract escrow via the Sardis API), but verify a few things before installing or using it with real funds: - Confirm the API domain and project: SKILL.md references https://api.sardis.sh and frontmatter lists homepage https://sardis.sh, but the registry metadata showed no homepage — verify the official project homepage and that the API endpoint is correct. - Inspect @sardis/sdk before installing: the SKILL.md mentions an npm SDK but the package is not installed automatically in the published skill. If you install the SDK, review its source and permissions first since npm packages can execute arbitrary code. - Limit and treat SARDIS_API_KEY as highly sensitive: create a key with minimal permissions, keep it secret, and have a revocation plan in case it is exposed. - Test with small amounts: because the skill can initiate fund movements (fund/release), first test flows on minimal or testnet funds and confirm contract addresses and behavior. - Confirm dispute/arbitration details: the skill mentions dispute resolution but does not detail how arbitration works or who has final authority; get those policies in writing before committing significant funds. If you want, I can check whether the npm package @sardis/sdk exists on the registry and summarize its contents or check whether the sardis.sh domain and API endpoints resolve to a legitimate project.