aave

SUSPICIOUS: The core Aave functionality matches the stated purpose, but the skill is high-risk because it authorizes autonomous financial actions, depends on an undocumented wallet service, and explicitly expands permissions via a wildcard wallet-policy skill. No confirmed malware or direct credential theft is shown, but the scope and transitive trust are disproportionate.