square-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires adding and querying the MCP endpoint https://rube.app/mcp at runtime (via RUBE_SEARCH_TOOLS) to fetch current tool schemas that directly drive agent behavior, so this external URL is a required runtime dependency that can control prompts/instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to automate Square (a payment gateway) and exposes specific payment and invoice operations (e.g., SQUARE_LIST_PAYMENTS, SQUARE_CANCEL_PAYMENT, SQUARE_LIST_INVOICES, SQUARE_CANCEL_INVOICE, payment processing and invoice management). These are dedicated financial APIs able to affect transactions (cancel payments, manage invoices, process payments) rather than generic tooling. Therefore it grants direct financial execution capability.