sardis-guardrails

Real-time security monitoring and circuit breaker controls for Sardis agent wallets

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "sardis-guardrails" with this command: npx skills add efedurmaz16/sardis-guardrails

Sardis Guardrails - Real-Time Security Controls

Comprehensive security monitoring and emergency controls for agent wallets. Protect against runaway spending, anomalous behavior, and security threats with circuit breakers and kill switches.

Capabilities

  • Circuit Breaker Status: Check if automatic spending halts are active
  • Kill Switch Control: Emergency stop all transactions wallet-wide
  • Rate Limit Monitoring: Track transaction velocity and spending patterns
  • Behavioral Alerts: Get warnings for anomalous agent behavior
  • Emergency Controls: Immediate response to security threats

Security Model

CRITICAL CONTROLS: This skill can activate emergency stops that halt all wallet transactions. Use with caution.

Quick Setup

export SARDIS_API_KEY=sk_your_key_here

API Endpoint Patterns

Base URL: https://api.sardis.sh/v2

Check Circuit Breaker Status

# Get current circuit breaker and kill switch status
curl -X GET https://api.sardis.sh/v2/guardrails/status \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: wallet_abc123"

# Example response:
# {
#   "wallet_id": "wallet_abc123",
#   "circuit_breaker": {
#     "active": false,
#     "reason": null,
#     "triggered_at": null
#   },
#   "kill_switch": {
#     "active": false,
#     "activated_by": null,
#     "activated_at": null
#   },
#   "rate_limits": {
#     "tx_per_minute": 5,
#     "current_rate": 2.3,
#     "threshold_breached": false
#   },
#   "status": "operational"
# }

Activate Kill Switch

# Emergency stop all transactions for a wallet
curl -X POST https://api.sardis.sh/v2/guardrails/kill-switch/activate \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "wallet_id": "wallet_abc123",
    "reason": "Suspected unauthorized activity detected"
  }'

# Response:
# {
#   "wallet_id": "wallet_abc123",
#   "kill_switch_active": true,
#   "activated_at": "2026-02-21T10:30:00Z",
#   "reason": "Suspected unauthorized activity detected",
#   "message": "All transactions halted. Contact support to reactivate."
# }

Deactivate Kill Switch

# Resume normal operations after investigation
curl -X POST https://api.sardis.sh/v2/guardrails/kill-switch/deactivate \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "wallet_id": "wallet_abc123"
  }'

# Response:
# {
#   "wallet_id": "wallet_abc123",
#   "kill_switch_active": false,
#   "deactivated_at": "2026-02-21T11:00:00Z",
#   "message": "Wallet operational. Transactions resumed."
# }

Check Rate Limits

# Monitor transaction velocity and spending rate
curl -X GET https://api.sardis.sh/v2/guardrails/rate-limits \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: wallet_abc123"

# Example response:
# {
#   "wallet_id": "wallet_abc123",
#   "limits": {
#     "tx_per_minute": {
#       "limit": 5,
#       "current": 2.3,
#       "percentage_used": 46.0,
#       "breached": false
#     },
#     "tx_per_hour": {
#       "limit": 100,
#       "current": 45,
#       "percentage_used": 45.0,
#       "breached": false
#     },
#     "spend_per_hour_usd": {
#       "limit": "1000.00",
#       "current": "325.50",
#       "percentage_used": 32.55,
#       "breached": false
#     }
#   },
#   "status": "healthy"
# }

Get Behavioral Alerts

# Retrieve anomaly detection alerts
curl -X GET https://api.sardis.sh/v2/guardrails/alerts \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: wallet_abc123"

# Filters:
# - severity: low, medium, high, critical
# - limit: Number of alerts (default 20, max 100)
# - since: ISO 8601 timestamp for alerts after this time

# Example with filters:
curl -X GET "https://api.sardis.sh/v2/guardrails/alerts?severity=high&limit=10" \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: wallet_abc123"

Example Commands

Emergency Stop Workflow

# 1. Check current status
WALLET_ID=wallet_abc123
STATUS=$(curl -s -X GET https://api.sardis.sh/v2/guardrails/status \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: $WALLET_ID")

echo "Current Status:"
echo "$STATUS" | jq '.'

# 2. Activate kill switch if needed
if [[ $(echo "$STATUS" | jq -r '.circuit_breaker.active') == "true" ]]; then
  echo "Circuit breaker already active!"

  curl -X POST https://api.sardis.sh/v2/guardrails/kill-switch/activate \
    -H "Authorization: Bearer $SARDIS_API_KEY" \
    -H "Content-Type: application/json" \
    -d "{\"wallet_id\": \"$WALLET_ID\", \"reason\": \"Manual emergency stop\"}"
fi

Rate Limit Monitor

# Monitor and alert on high transaction rates
WALLET_ID=wallet_abc123

while true; do
  LIMITS=$(curl -s -X GET https://api.sardis.sh/v2/guardrails/rate-limits \
    -H "Authorization: Bearer $SARDIS_API_KEY" \
    -H "X-Wallet-ID: $WALLET_ID")

  TX_RATE=$(echo "$LIMITS" | jq -r '.limits.tx_per_minute.current')
  THRESHOLD=80

  USAGE=$(echo "$LIMITS" | jq -r '.limits.tx_per_minute.percentage_used')

  if (( $(echo "$USAGE > $THRESHOLD" | bc -l) )); then
    echo "WARNING: Transaction rate at ${USAGE}% of limit"
    echo "Current: $TX_RATE tx/min"
  fi

  sleep 30
done

Behavioral Alert Dashboard

# Get critical alerts and display summary
WALLET_ID=wallet_abc123

echo "=== Critical Security Alerts ==="
curl -s -X GET "https://api.sardis.sh/v2/guardrails/alerts?severity=critical&limit=5" \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: $WALLET_ID" | jq '.alerts[] | "\(.timestamp) - \(.type): \(.message)"'

echo -e "\n=== High Priority Alerts ==="
curl -s -X GET "https://api.sardis.sh/v2/guardrails/alerts?severity=high&limit=5" \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: $WALLET_ID" | jq '.alerts[] | "\(.timestamp) - \(.type): \(.message)"'

Automated Circuit Breaker Response

# Check for circuit breaker activation and notify
WALLET_ID=wallet_abc123

STATUS=$(curl -s -X GET https://api.sardis.sh/v2/guardrails/status \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "X-Wallet-ID: $WALLET_ID")

if [[ $(echo "$STATUS" | jq -r '.circuit_breaker.active') == "true" ]]; then
  REASON=$(echo "$STATUS" | jq -r '.circuit_breaker.reason')
  echo "ALERT: Circuit breaker triggered!"
  echo "Reason: $REASON"

  # Send notification (integrate with your alerting system)
  # curl -X POST https://your-webhook.com/alert -d "Circuit breaker active: $REASON"
fi

Response Examples

Guardrails Status Response

{
  "wallet_id": "wallet_abc123",
  "circuit_breaker": {
    "active": false,
    "reason": null,
    "triggered_at": null,
    "auto_recovery": true,
    "recovery_threshold": "10 minutes below threshold"
  },
  "kill_switch": {
    "active": false,
    "activated_by": null,
    "activated_at": null,
    "requires_manual_reset": true
  },
  "rate_limits": {
    "tx_per_minute": {
      "limit": 5,
      "current": 2.3,
      "breached": false
    },
    "tx_per_hour": {
      "limit": 100,
      "current": 45,
      "breached": false
    },
    "spend_per_hour_usd": {
      "limit": "1000.00",
      "current": "325.50",
      "breached": false
    }
  },
  "status": "operational",
  "last_checked": "2026-02-21T10:30:00Z"
}

Behavioral Alerts Response

{
  "wallet_id": "wallet_abc123",
  "alerts": [
    {
      "alert_id": "alert_xyz789",
      "severity": "high",
      "type": "unusual_recipient",
      "message": "Transaction to new recipient with no prior history",
      "details": {
        "recipient": "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb",
        "amount": "500.00",
        "token": "USDC",
        "deviation": "high"
      },
      "timestamp": "2026-02-21T09:45:00Z",
      "auto_blocked": false,
      "requires_review": true
    },
    {
      "alert_id": "alert_abc456",
      "severity": "medium",
      "type": "velocity_spike",
      "message": "Transaction rate 3x higher than normal baseline",
      "details": {
        "normal_rate": "2.5 tx/min",
        "current_rate": "7.8 tx/min",
        "duration": "5 minutes"
      },
      "timestamp": "2026-02-21T09:30:00Z",
      "auto_blocked": false,
      "requires_review": false
    }
  ],
  "total": 2,
  "has_critical": false
}

Kill Switch Activation Response

{
  "wallet_id": "wallet_abc123",
  "kill_switch_active": true,
  "activated_by": "api_key_sk_xyz",
  "activated_at": "2026-02-21T10:30:00Z",
  "reason": "Suspected unauthorized activity detected",
  "affected_transactions": {
    "pending_count": 3,
    "pending_total_usd": "125.50",
    "all_blocked": true
  },
  "message": "All transactions halted. Contact support@sardis.sh to reactivate.",
  "reactivation_requires": ["manual_approval", "security_review"]
}

Error Handling

  • 401 Unauthorized - Invalid or missing API key
  • 403 Forbidden - No access to this wallet or insufficient permissions
  • 404 Not Found - Wallet does not exist
  • 409 Conflict - Kill switch already in requested state
  • 429 Too Many Requests - Rate limit exceeded

Use Cases

  • Security Incident Response: Emergency stop during security threats
  • Anomaly Detection: Catch unusual spending patterns early
  • Compliance Monitoring: Track transaction velocity for regulatory compliance
  • Automated Safety: Circuit breakers prevent runaway spending
  • Alert Automation: Integrate with monitoring systems for real-time alerts

Related Skills

  • sardis-balance - Monitor wallet balances and spending
  • sardis-policy - Define spending rules and limits
  • sardis-payment - Execute controlled payments

Links

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Linkedin Profile Optimizer

Audit and rewrite LinkedIn profiles for recruiter visibility, inbound leads, and category authority. Diagnoses headline, About, Experience, Skills, Featured,...

Registry SourceRecently Updated
00charlie-morrison
Security

TLS Configuration Auditor

Audit TLS/SSL configuration of servers and applications. Check protocol versions, cipher suites, certificate chain validity, HSTS headers, and compliance wit...

Registry SourceRecently Updated
480charlie-morrison
Security

AxonFlow Governance Policies

Govern OpenClaw with AxonFlow — block dangerous commands, detect PII, prevent data exfiltration, protect agent config files, explain policy decisions, grant...

Registry SourceRecently Updated
2731axonflow
Security

Crypto Guardian

Provides security guidance and checks for safely managing crypto wallets, keys, seed phrases, approvals, multisig, and incident response for AI agents.

Registry SourceRecently Updated
70ayh-25