Zyfai Yield Automation
Warn
Audited by ClawScan on May 10, 2026.
Overview
This DeFi yield skill is coherent with its stated purpose, but it deserves review because it can initiate wallet transactions and create ongoing automated session-key control over user funds without clear approval and revocation boundaries in the provided artifacts.
Review carefully before installing or using. Only proceed if you understand the DeFi risks, can verify the Zyfai SDK and contracts, and will require explicit confirmation for every transaction. Use small test amounts first, avoid raw private keys when possible, and confirm how session keys can be limited and revoked before enabling automated rebalancing.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent follows the workflow too aggressively, user funds could be deposited or exposed to DeFi risk without sufficiently explicit approval.
The provided workflow includes code that can commit user funds to a DeFi vault. In the shown artifact, this high-impact action is not paired with an explicit requirement to confirm the exact amount, chain, asset, fees, contract, and risk immediately before sending a transaction.
const deposit = await sdk.vaultDeposit("100", "USDC");
Require explicit user confirmation before every on-chain transaction, including wallet address, chain, token, amount, expected contract, fees, withdrawal mechanics, and risk disclosures.
Automated rebalancing authority may continue after initial setup and affect funds without per-action user involvement.
The skill instructs creation of a session key that enables ongoing automated rebalancing. The provided excerpt does not clearly define duration, revocation steps, spending/strategy limits, or when fresh user approval is required.
await sdk.createSessionKey(userAddress, chainId); ... This allows Zyfai to rebalance funds automatically.
Before enabling a session key, disclose its permissions, duration, supported assets/chains, strategy limits, revocation method, and require an explicit opt-in from the user.
Exposure or misuse of the private key could allow loss of wallet funds.
The server-agent example reads a raw wallet private key from an environment variable. This is purpose-aligned for wallet automation and the artifact recommends KMS/Wallet-as-a-Service for production, but the private key controls the wallet and must be handled carefully.
account: privateKeyToAccount(process.env.PRIVATE_KEY as `0x${string}`)
Prefer browser wallet confirmation, hardware wallets, KMS, or wallet-as-a-service. Never paste private keys into chat, logs, or untrusted environments, and use a limited wallet when testing.
A compromised or unexpected dependency version could affect transaction construction or wallet interaction.
The skill relies on external npm packages and does not pin versions in the shown install command. This is normal for an SDK integration, but dependency provenance matters because the packages help create wallet transactions.
npm install @zyfai/sdk viem
Pin package versions, verify package provenance, review dependency updates, and use a clean environment for crypto operations.
