Sardis Policy

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent, but it lets an agent create or replace real wallet spending policies with a Sardis API key without clear confirmation or scoping safeguards.

Install only if you intentionally want an agent to help manage Sardis wallet spending controls. Use a least-privilege Sardis API key, require the agent to show the exact wallet ID, parsed rules, limits, vendors, approval thresholds, and replacement target before any POST request, and avoid unattended use of high-limit, auto-approve, or unrestricted policy templates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence: 91%
Finding
The skill instructs users to export and use a live API key in shell commands but does not warn about protecting the secret from shell history, terminal logging, screenshots, or shared environments. While the examples do not directly leak the key, this documentation pattern increases the chance of accidental credential exposure during normal use.

VirusTotal

66/66 vendors flagged this skill as clean.
