Giza
Warn. Audited by ClawScan on May 18, 2026.
Overview
This skill appears aligned with DeFi yield management, but it can affect real funds and does not clearly require explicit confirmation for every financial change.
Use this only if you trust Giza and understand the risks of DeFi yield products. Before any account change, ask the agent to restate the exact network, asset, amount, protocol, fees, risks, and reversibility, and give explicit approval only when you are satisfied.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could ask for a broad strategy change, and the agent may be instructed to call a financial tool that changes where funds are allocated without first restating the exact change, risks, and fees and asking for a clear yes.
The skill documents explicit confirmation for withdrawals and deactivation, but also routes strategy/protocol changes to a mutating Giza tool without a visible equivalent confirmation requirement in the provided artifact.
"For these actions, always get explicit confirmation before executing: ... Withdrawals ... Deactivation" and "Change protocols" / "Switch strategies" | giza_update_protocols
Require explicit user confirmation for every fund-affecting action, including protocol updates, onboarding/deposit setup, top-ups, rebalancing, and withdrawals; show network, asset, amount, protocols, fees, and risks before execution.

After login, the connected service may be able to view portfolio information and perform account operations supported by the Giza tools.
The skill requires a Giza login flow to access account-specific DeFi operations. This is expected for the purpose, but it grants the integration privileged access to portfolio and transaction functions.
"If any tool call returns an authentication error: 1. Call giza_login to get a login URL ... Retry the original operation after confirmation"
Only log in if you trust the Giza service, verify the login URL, and avoid approving actions unless the agent has clearly summarized what will happen.

Portfolio details and financial action requests may be sent through the Giza MCP server.
The skill depends on an external MCP server for financial account data and actions. This is purpose-aligned, but the provided artifact does not describe the server endpoint, permission boundaries, or data-handling guarantees.
"Connects to the Giza MCP server for autonomous stablecoin yield across Base, Arbitrum, Plasma, and HyperEVM."
Verify the MCP server source and permissions before use, and keep financial actions user-directed with explicit approvals.

Users have less information with which to confirm who publishes or operates the financial integration behind the skill.
There is no runnable code to inspect and no install source or homepage in the supplied metadata. For a DeFi skill that references an MCP server, this limits provenance verification.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install only from a trusted registry entry, verify Giza’s official documentation separately, and confirm that the MCP tools come from the expected provider.
