web-payments

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a Stripe payments integration. It contains concrete, payment-specific API calls and endpoints (e.g., stripe.checkout.sessions.create, stripe.prices.create, stripe.subscriptions.create/list, billing portal session creation, webhook handling) and references secret API keys (STRIPE_SECRET_KEY). These are direct payment gateway operations (creating checkout sessions, subscriptions, prices, handling payment webhooks) — not generic tooling — and therefore grant the ability to initiate and manage real financial transactions.