security-convex

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly references payment processing and a Stripe secret key. It includes example functions named processPayment and chargeCard, shows a public mutation that calls chargeCard, a secure internalMutation pattern for processPayment, and an action that reads process.env.STRIPE_SECRET_KEY and "callStripe". These are specific, explicit payment-related operations (payment gateway integration), not generic tooling, so the skill grants Direct Financial Execution capability.