saas-scaffolder

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly integrates payment gateways and contains concrete billing operations. It includes Stripe (and Lemon Squeezy) integration with a Stripe client, environment secrets (STRIPE_SECRET_KEY, webhook secret, price IDs), and server routes that create customers and checkout sessions (stripe.customers.create, stripe.checkout.sessions.create) and handle subscription/webhook events that update billing/subscription state. These are specific APIs to move/manage money/subscriptions, not generic tooling, so it grants direct financial execution capability.