shopify-admin-cancel-and-restock

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly performs a Shopify GraphQL mutation (orderCancel) that can issue refunds for captured payments (parameter: refund: true → "any captured payment is automatically refunded"). It is a specific, payment-affecting API operation (requires write_orders scope) that executes irreversible financial actions (refunds). This qualifies as direct financial execution.