square-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires a runtime connection to the Rube MCP endpoint https://rube.app/mcp and explicitly instructs calling RUBE_SEARCH_TOOLS to fetch tool schemas that guide agent actions, so remote content from that URL directly controls prompts/instructions and is a required dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to integrate with a payment gateway (Square) and provides concrete, transactional operations: "Automate Square payment processing" plus named tool actions such as SQUARE_LIST_PAYMENTS, SQUARE_CANCEL_PAYMENT, SQUARE_LIST_INVOICES, SQUARE_CANCEL_INVOICE, SQUARE_UPDATE_ORDER, etc. These are specific financial APIs for managing payments and invoices (i.e., moving or reversing payment activity and altering billing-related state). This matches the Payment Gateway / direct transaction criteria for Direct Financial Execution.