hitpay

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a payment gateway integration for HitPay. It includes concrete API calls and code for creating payment requests, redirecting users to checkout, generating QR-based payment requests, checking payment status, handling payment webhooks, and issuing refunds via the HitPay REST API (e.g., POST to /v1/payment-requests and /v1/payment-requests/{id}/refund) using an API key. These are specific, purpose-built financial operations (creating charges and triggering refunds), so the skill grants direct financial execution capability.