aave-security-foundations

Warn

Audited by Snyk on Feb 25, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly tailored to AAVE (a DeFi lending protocol) and to "integration and execution scripts." It references crypto-specific financial operations: ERC20 approvals/allowance minimization, withdraw and borrow actions, and pre-trade/pre-execution checks (validate chain/token/account/amount, read reserve status and account health, enforce health-factor thresholds). Those are domain-specific controls for executing on-chain financial transactions (moving assets / enabling spends). Even though low-level signing calls aren't listed, the primary and explicit purpose is to support DeFi execution scripts, so it constitutes direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 25, 2026, 06:09 AM