← 返回 Skills 市场

Sardis Guardrails

Name: Sardis Guardrails
Author: efedurmaz16

作者 EfeDurmaz16 · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

345

总下载

当前安装

版本数

在 OpenClaw 中安装

/install sardis-guardrails

功能描述

Real-time security monitoring and circuit breaker controls for Sardis agent wallets

安全使用建议

What to check before installing/using this skill: - Verify the publisher and origin: SKILL.md references https://sardis.sh but the registry 'Source' and homepage fields are unknown/missing. Confirm this is the official Sardis project. - Treat SARDIS_API_KEY as powerful: the skill can activate a wallet-wide kill switch. Only provide a key with the minimum scope required (and avoid using a master key). - Confirm the npm install intent: SKILL.md mentions '@sardis/sdk' but the registry shows no install spec. If you must run 'npm install', review that package's source (or host it internally) before installing. - Note a small inconsistency in the examples: they use the 'bc' command but 'bc' is not declared as required; ensure your runtime has needed binaries. - Test in a non-production environment first (use a test wallet) to verify behavior and that the API endpoints are legitimate. - Limit autonomous invocation if you are uncomfortable with the agent calling kill-switch operations without explicit approval. - If you decide not to install, rotate/revoke any API keys you may have exposed while testing. If you can get confirmation from the publisher about the npm dependency and the official Sardis domain/owner, the inconsistencies would be resolved and confidence would increase.

功能分析

Type: OpenClaw Skill Name: sardis-guardrails Version: 1.0.0 The sardis-guardrails skill bundle provides legitimate security monitoring and emergency control capabilities for Sardis agent wallets. It utilizes standard API interactions with api.sardis.sh to manage circuit breakers, kill switches, and rate limits, with no evidence of malicious intent, data exfiltration, or prompt injection attacks.

能力评估

ℹ Purpose & Capability

Name/description match the actions shown (checking status, activating/deactivating kill switch, monitoring rate limits, fetching alerts). Requesting a single API key (SARDIS_API_KEY) and using curl/jq is proportionate. However, SKILL.md contains an 'install: npm: ["@sardis/sdk"]' entry while the registry metadata reported 'No install spec' — this mismatch is an incoherence to resolve (either the skill expects an npm package or it does not).

ℹ Instruction Scope

The instructions are focused on calling Sardis API endpoints and printing/parsing results; they do not instruct the agent to read unrelated files or exfiltrate data to other endpoints. Concerns: (1) example scripts use the 'bc' command to compare floats but 'bc' is not listed in required binaries, so examples may fail or implicitly require extra binaries; (2) examples expect the caller to supply X-Wallet-ID values — fine but requires discipline; (3) the skill can execute powerful actions (kill switch) as documented, which is expected but high impact.

ℹ Install Mechanism

Registry metadata indicates no install spec (instruction-only), which is low-risk. SKILL.md, however, lists installing '@sardis/sdk' via npm. If the skill actually causes an npm install at runtime, that introduces moderate risk (third-party package code execution). There is no direct download from arbitrary URLs or archive extraction in the metadata. Clarify whether the npm package install is required and inspect that package before running installs.

✓ Credentials

Only SARDIS_API_KEY is required and declared as the primary credential, which matches the skill's stated API-driven purpose. No other secrets or unrelated environment variables are requested.

✓ Persistence & Privilege

always is false and disable-model-invocation is false (agent may call the skill autonomously) — this is the platform default. The skill does not request persistent system-wide privileges, nor does it modify other skills' configs. Because the skill can trigger emergency wallet-wide actions, you should control which agents/accounts are allowed to invoke it.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install sardis-guardrails
安装完成后，直接呼叫该 Skill 的名称或使用 /sardis-guardrails 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of sardis-guardrails — real-time security controls for Sardis agent wallets. - Provides circuit breaker status monitoring and emergency kill switch controls. - Supports real-time rate limit tracking and anomaly detection alerts. - Includes setup, API usage, and example Bash/CLI workflows for instant integration. - Requires SARDIS_API_KEY environment variable and uses curl/jq for command-line operations. - Designed for immediate response to security threats, runaway spending, or anomalous behavior.

元数据

Slug sardis-guardrails

版本 1.0.0

许可证 —

累计安装 1

当前安装数 1

历史版本数 1

常见问题

Sardis Guardrails 是什么？

Real-time security monitoring and circuit breaker controls for Sardis agent wallets. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 345 次。

如何安装 Sardis Guardrails？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install sardis-guardrails」即可一键安装，无需额外配置。

Sardis Guardrails 是免费的吗？

是的，Sardis Guardrails 完全免费（开源免费），可自由下载、安装和使用。

Sardis Guardrails 支持哪些平台？

Sardis Guardrails 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Sardis Guardrails？

由 EfeDurmaz16（@efedurmaz16）开发并维护，当前版本 v1.0.0。