medusa-development

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes a "Custom payment provider module" with concrete functions that call payment gateway endpoints and perform payment actions: initiatePayment (creates a payment session), authorizePayment, capturePayment (POST to /capture), refundPayment (POST to /refund), cancelPayment, and webhook handlers. It also requires Stripe API keys in prerequisites and shows direct use of API keys to authenticate requests. These are specific, payment-provider integrations that can create, capture, and refund transactions — i.e., direct financial execution.