webhook-handler

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is a specific HitPay payment gateway integration: it documents HitPay webhook headers/events (payment_request.completed, charge., transfer.), provides signature verification (HMAC-SHA256) code, and includes handlers that mark orders as paid and log webhook processing. It even mentions adding a webhook when creating payment requests. This is explicitly tied to a payment gateway and directly participates in payment processing/settlement flows rather than being a generic tool, so it qualifies as direct financial execution capability.