Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Sardis Guardrails
v1.0.0Real-time security monitoring and circuit breaker controls for Sardis agent wallets
⭐ 0· 238·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description match the actions shown (checking status, activating/deactivating kill switch, monitoring rate limits, fetching alerts). Requesting a single API key (SARDIS_API_KEY) and using curl/jq is proportionate. However, SKILL.md contains an 'install: npm: ["@sardis/sdk"]' entry while the registry metadata reported 'No install spec' — this mismatch is an incoherence to resolve (either the skill expects an npm package or it does not).
Instruction Scope
The instructions are focused on calling Sardis API endpoints and printing/parsing results; they do not instruct the agent to read unrelated files or exfiltrate data to other endpoints. Concerns: (1) example scripts use the 'bc' command to compare floats but 'bc' is not listed in required binaries, so examples may fail or implicitly require extra binaries; (2) examples expect the caller to supply X-Wallet-ID values — fine but requires discipline; (3) the skill can execute powerful actions (kill switch) as documented, which is expected but high impact.
Install Mechanism
Registry metadata indicates no install spec (instruction-only), which is low-risk. SKILL.md, however, lists installing '@sardis/sdk' via npm. If the skill actually causes an npm install at runtime, that introduces moderate risk (third-party package code execution). There is no direct download from arbitrary URLs or archive extraction in the metadata. Clarify whether the npm package install is required and inspect that package before running installs.
Credentials
Only SARDIS_API_KEY is required and declared as the primary credential, which matches the skill's stated API-driven purpose. No other secrets or unrelated environment variables are requested.
Persistence & Privilege
always is false and disable-model-invocation is false (agent may call the skill autonomously) — this is the platform default. The skill does not request persistent system-wide privileges, nor does it modify other skills' configs. Because the skill can trigger emergency wallet-wide actions, you should control which agents/accounts are allowed to invoke it.
What to consider before installing
What to check before installing/using this skill:
- Verify the publisher and origin: SKILL.md references https://sardis.sh but the registry 'Source' and homepage fields are unknown/missing. Confirm this is the official Sardis project.
- Treat SARDIS_API_KEY as powerful: the skill can activate a wallet-wide kill switch. Only provide a key with the minimum scope required (and avoid using a master key).
- Confirm the npm install intent: SKILL.md mentions '@sardis/sdk' but the registry shows no install spec. If you must run 'npm install', review that package's source (or host it internally) before installing.
- Note a small inconsistency in the examples: they use the 'bc' command but 'bc' is not declared as required; ensure your runtime has needed binaries.
- Test in a non-production environment first (use a test wallet) to verify behavior and that the API endpoints are legitimate.
- Limit autonomous invocation if you are uncomfortable with the agent calling kill-switch operations without explicit approval.
- If you decide not to install, rotate/revoke any API keys you may have exposed while testing.
If you can get confirmation from the publisher about the npm dependency and the official Sardis domain/owner, the inconsistencies would be resolved and confidence would increase.Like a lobster shell, security has layers — review code before you run it.
latestvk97a6m7c83evgddb52x4e0vbj582g74s
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🛡️ Clawdis
Binscurl, jq
EnvSARDIS_API_KEY
Primary envSARDIS_API_KEY