shopify-core-workflow-b
Warn
Audited by Snyk on Mar 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is a Shopify Admin API workflow specifically for orders and customers and includes explicit mutations that perform money-moving actions: it defines draftOrderCreate (creates invoiceable orders) and, critically, refundCreate (a mutation to create refunds that returns funds). It surfaces financial fields (totalPriceSet, displayFinancialStatus, invoiceUrl) and requires write scopes for orders/fulfillments. Because it includes an explicit refund mutation and order-invoicing functionality (direct financial operations), it grants direct financial execution capability.
Issues (1)
W009
MEDIUM Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata